VDB
CVE-2004-0110
CVE-2004-0110
PUBLISHED
CVSS 7.5 HIGH
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
EPSS 41.34% · 97.5th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
41.34%
97.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| sgi | propack | 2.4, 2.3 |
| xmlsoft | libxml | 1.8.17 |
| xmlsoft | libxml2 | 2.4.19, 2.4.23, 2.6.0 |
Exploit Intelligence
- oval:org.mitre.oval:def:11626 (circl)
- oval:org.mitre.oval:def:875 (circl)
- 20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml) (circl)
- RHSA-2004:090 (circl)
- libxml2-nanoftp-bo(15302) (circl)
- RHSA-2004:091 (circl)
- 9718 (circl)
- DSA-455 (circl)
- http://www.xmlsoft.org/news.html (circl)
- RHSA-2004:650 (circl)
…and 8 more exploits
Timeline
- Mar 4, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- oval:org.mitre.oval:def:11626 vdb
- oval:org.mitre.oval:def:875 vdb
- 20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml) mailing-list
- RHSA-2004:090 vendor-advisory
- libxml2-nanoftp-bo(15302) vdb
- RHSA-2004:091 vendor-advisory
- 9718 vdb
- DSA-455 vendor-advisory
- http://www.xmlsoft.org/news.html url
- RHSA-2004:650 vendor-advisory
- O-086 third-party-advisory
- oval:org.mitre.oval:def:833 vdb
- 10958 third-party-advisory
- SUSE-SR:2005:001 vendor-advisory
- GLSA-200403-01 vendor-advisory
- VU#493966 third-party-advisory
- 20040306 TSLSA-2004-0010 - libxml2 mailing-list
- libxml2-nanohttp-bo(15301) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-0110 advisory
- http://secunia.com/advisories/10958 url