Vulnerability Details CVE-2005-0523
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.072
EPSS Ranking 91.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://deicide.siyahsapka.org/exploits/proz_ex2.c
- http://www.debian.org/security/2005/dsa-719
- http://www.securiteam.com/exploits/5WP082KEUW.html
- http://www.securityfocus.com/bid/12635
- http://deicide.siyahsapka.org/exploits/proz_ex2.c
- http://www.debian.org/security/2005/dsa-719
- http://www.securiteam.com/exploits/5WP082KEUW.html
- http://www.securityfocus.com/bid/12635
Products affected by CVE-2005-0523
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.0
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.1
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.2
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.3
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.4
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.1
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.2
-
cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.6