CVE Vulnerabilities

CVE-2005-2758

Published: Oct 05, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Antivirus_scan_engine Symantec 4.0 (including) 4.0 (including)
Antivirus_scan_engine Symantec 4.3 (including) 4.3 (including)
Antivirus_scan_engine_for_network_attached_storage Symantec 4.3 (including) 4.3 (including)

References