Vulnerability Name: | CVE-2005-4085 (CCN-23996) | ||||||||
Assigned: | 2005-12-31 | ||||||||
Published: | 2005-12-31 | ||||||||
Updated: | 2011-03-08 | ||||||||
Summary: | Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-4085 Source: CCN Type: Blue Coat Systems Web site Blue Coat Systems - Download ProxyAV Source: CCN Type: SA18288 Blue Coat WinProxy Multiple Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 18288 Source: CCN Type: SA18909 Blue Coat ProxyAV Host Header Buffer Overflow Vulnerability Source: SECUNIA Type: Patch, Vendor Advisory 18909 Source: CCN Type: SECTRACK ID: 1015441 Blue Coat WinProxy Host Header Buffer Overflow Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: Patch, Vendor Advisory 1015441 Source: CCN Type: Blue Coat Systems Security Advisory February 15, 2006 Host Header Stack Overflow Vulnerability Source: CONFIRM Type: Patch, Vendor Advisory http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html Source: IDEFENSE Type: Patch, Vendor Advisory 20060105 Blue Coat Systems WinProxy Host Header Stack Overflow Vulnerability Source: CCN Type: OSVDB ID: 22238 Blue Coat WinProxy / ProxyAV Host Header Remote Overflow Source: BID Type: Exploit, Patch 16147 Source: CCN Type: BID-16147 Blue Coat Systems WinProxy Remote Host Header Buffer Overflow Vulnerability Source: VUPEN Type: UNKNOWN ADV-2006-0065 Source: VUPEN Type: UNKNOWN ADV-2006-0622 Source: CCN Type: WinProxy Web site WinProxy: Products Source: XF Type: UNKNOWN winproxy-securesuite-host-bo(23996) Source: CCN Type: iDEFENSE Security Advisory: 01.05.06 Blue Coat Systems WinProxy Host Header Stack Overflow Vulnerability | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |