CVE-2004-0179

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.debian.org/security/2004/dsa-487", "name": "DSA-487", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-157.html", "name": "RHSA-2004:157", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc", "name": "20040404-01-U", "tags": ["Broken Link"], "refsource": "SGI"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552", "name": "FEDORA-2004-1552", "tags": ["Broken Link"], "refsource": "FEDORA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-158.html", "name": "RHSA-2004:158", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-159.html", "name": "RHSA-2004:159", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-160.html", "name": "RHSA-2004:160", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-01.xml", "name": "GLSA-200405-01", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://security.gentoo.org/glsa/glsa-200405-04.xml", "name": "GLSA-200405-04", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html", "name": "SuSE-SA:2004:008", "tags": ["Broken Link"], "refsource": "SUSE"}, {"url": "http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html", "name": "SuSE-SA:2004:009", "tags": ["Broken Link"], "refsource": "SUSE"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:032", "name": "MDKSA-2004:032", "tags": ["Third Party Advisory"], "refsource": "MANDRAKE"}, {"url": "http://www.securityfocus.com/bid/10136", "name": "10136", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://www.osvdb.org/5365", "name": "5365", "tags": ["Broken Link"], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/11363", "name": "11363", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://marc.info/?l=bugtraq&m=108214147022626&w=2", "name": "20040416 void.at - neon format string bugs", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=108213873203477&w=2", "name": "20040416 [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon)", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913", "name": "oval:org.mitre.oval:def:10913", "tags": ["Third Party Advisory"], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065", "name": "oval:org.mitre.oval:def:1065", "tags": ["Third Party Advisory"], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-134"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0179", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2004-06-01T04:00Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:webdav:neon:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.24.5", "versionStartIncluding": "0.19.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:a:webdav:cadaver:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-10-13T16:52Z"}