CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0992

Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://proxytunnel.sourceforge.net/news.html
http://www.gentoo.org/security/en/glsa/glsa-200411-07.xml
http://www.securityfocus.com/bid/11592
https://exchange.xforce.ibmcloud.com/vulnerabilities/17945
http://proxytunnel.sourceforge.net/news.html
http://www.gentoo.org/security/en/glsa/glsa-200411-07.xml
http://www.securityfocus.com/bid/11592
https://exchange.xforce.ibmcloud.com/vulnerabilities/17945

Products affected by CVE-2004-0992

Proxytunnel » Proxytunnel » Version: 1.0.6

cpe:2.3:a:proxytunnel:proxytunnel:1.0.6
Proxytunnel » Proxytunnel » Version: 1.1.3

cpe:2.3:a:proxytunnel:proxytunnel:1.1.3
Proxytunnel » Proxytunnel » Version: 1.2.2

cpe:2.3:a:proxytunnel:proxytunnel:1.2.2
Proxytunnel » Proxytunnel » Version: 1.2_.0

cpe:2.3:a:proxytunnel:proxytunnel:1.2_.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0992

Products

Pricing

Contact Us