NVD

Id
71391  
Name
CVE-2004-0989  
Description
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2005-03-01  
Modified Date
2017-07-10  
Seq
2004-0989  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
369065 71391 CVE-2004-0989 CLA-2004:890  View
369066 71391 CVE-2004-0989 APPLE-SA-2005-01-25  View
369067 71391 CVE-2004-0989 20041026 libxml2 remote buffer overflows (not in xml parsing code though)  View
369068 71391 CVE-2004-0989 oval:org.mitre.oval:def:10505  View
369069 71391 CVE-2004-0989 oval:org.mitre.oval:def:1173  View
369070 71391 CVE-2004-0989 1011941  View
369071 71391 CVE-2004-0989 P-029  View
369072 71391 CVE-2004-0989 DSA-582  View
369073 71391 CVE-2004-0989 GLSA-200411-05  View
369074 71391 CVE-2004-0989 SUSE-SR:2005:001  View
369075 71391 CVE-2004-0989 RHSA-2004:615  View
369076 71391 CVE-2004-0989 RHSA-2004:650  View
369077 71391 CVE-2004-0989 11526  View
369078 71391 CVE-2004-0989 libxml2-xmlnanoftpscanurl-bo(17870)  View
369079 71391 CVE-2004-0989 libxml2-nanoftp-file-bo(17872)  View
369080 71391 CVE-2004-0989 libxml2-xmlnanoftpscanproxy-bo(17875)  View
369081 71391 CVE-2004-0989 libxml2-nanohttp-file-bo(17876)  View
369082 71391 CVE-2004-0989 USN-89-1  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63120 JVNDB-2004-000462 libxml および libxml2 の複数の関数におけるバッファオーバーフローの脆弱性 libxml および libxml2 に存在する nanoftp.c の xmlNanoFTPScanURL() 関数および xmlNanoFTPScanProxy() 関数には、FTP URL または FTP プロキシ URL の解釈時に境界チェックが適切に行われていないため、バッファオーバーフローが発生する脆弱性が存在します。 CVE-2004-0989 9416 CVE-2004-0989 71391 10 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000462.html 2004-10-25 2007-04-01 View