Vulnerability Details CVE-2005-4568
Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1017.html
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1019.html
- http://www.securityfocus.com/bid/15972
- http://www.vupen.com/english/advisories/2005/3010
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1017.html
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/1019.html
- http://www.securityfocus.com/bid/15972
- http://www.vupen.com/english/advisories/2005/3010
Products affected by CVE-2005-4568
-
cpe:2.3:a:floosietek:ftgate:4.4_build_4.4.000