Vulnerability Details CVE-2005-4581
Buffer overflow in Electric Sheep 2.6.3 client allows local users to execute arbitrary code via a long window-id parameter. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.3%
CVSS Severity
CVSS v2 Score 4.6
References
- http://draves.org/HyperNews/get.cgi/flame/1478.html
- http://draves.org/HyperNews/get.cgi/flame/1478/1.html
- http://electricsheep.org/index.cgi?&menu=talk
- http://electricsheep.org/release_notes.html
- http://www.securityfocus.com/archive/1/420160/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23893
- http://draves.org/HyperNews/get.cgi/flame/1478.html
- http://draves.org/HyperNews/get.cgi/flame/1478/1.html
- http://electricsheep.org/index.cgi?&menu=talk
- http://electricsheep.org/release_notes.html
- http://www.securityfocus.com/archive/1/420160/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23893
Products affected by CVE-2005-4581
-
cpe:2.3:a:scott_draves:electric_sheep:2.6.3