CVE-2005-3922

Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.rem0te.com/public/images/panda.pdf	Vendor Advisory
http://www.securityfocus.com/bid/15616
http://www.osvdb.org/21256
http://secunia.com/advisories/17765
http://securitytracker.com/id?1015295
http://securityreason.com/securityalert/216
http://www.vupen.com/english/advisories/2005/2666
https://exchange.xforce.ibmcloud.com/vulnerabilities/23276
http://www.securityfocus.com/archive/1/418096/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:panda:panda_exchangesecure::::::::
	cpe:2.3:a:panda:panda_filesecure::::::::
	cpe:2.3:a:panda:panda_titanium::::::::
	cpe:2.3:a:panda:panda_titanium_2005_antivirus::::::::
	cpe:2.3:a:panda:panda_antivirus_platinum:2.0:::::::*
	cpe:2.3:a:panda:panda_businessecure_antivirus::::::::
	cpe:2.3:a:panda:panda_isa_secure::::::::
	cpe:2.3:a:panda:panda_panda_enterprisecure_antivirus::::::::
	cpe:2.3:a:panda:panda_truprevent_personal:2006:::::::*
	cpe:2.3:a:panda:panda_webadmin::::::::
	cpe:2.3:a:panda:panda_activescan:5.0:::::::*
	cpe:2.3:a:panda:panda_truprevent_personal:2005:::::::*
	cpe:2.3:a:panda:panda_clientshield_with_truprevent_technologies::::::::
	cpe:2.3:a:panda:panda_platinum_2006_internet_security::::::::
	cpe:2.3:a:panda:panda_filesecure_with_truprevent_technologies::::::::
	cpe:2.3:a:panda:panda_gatedefender::::::::
	cpe:2.3:a:panda:panda_titanium_2006_antivirus_\+_antispyware::::::::
	cpe:2.3:a:panda:panda_security:3.0:::::::*
	cpe:2.3:a:panda:panda_antivirus:2.0:::::::*
	cpe:2.3:a:panda:panda_enterprisecure_with_truprevent_technologies::::::::

Information

Published : 2005-11-30 03:03

Updated : 2018-10-19 08:39

NVD link : CVE-2005-3922

Mitre link : CVE-2005-3922

JSON object : View

CWE

NVD-CWE-Other

Products Affected

panda

panda_titanium_2006_antivirus_\+_antispyware
panda_activescan
panda_gatedefender
panda_titanium
panda_titanium_2005_antivirus
panda_exchangesecure
panda_truprevent_personal
panda_antivirus
panda_security
panda_antivirus_platinum
panda_isa_secure
panda_enterprisecure_with_truprevent_technologies
panda_filesecure
panda_panda_enterprisecure_antivirus
panda_webadmin
panda_platinum_2006_internet_security
panda_filesecure_with_truprevent_technologies
panda_clientshield_with_truprevent_technologies
panda_businessecure_antivirus

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.rem0te.com/public/images/panda.pdf", "name": "http://www.rem0te.com/public/images/panda.pdf", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/15616", "name": "15616", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/21256", "name": "21256", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/17765", "name": "17765", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1015295", "name": "1015295", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securityreason.com/securityalert/216", "name": "216", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2005/2666", "name": "ADV-2005-2666", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276", "name": "panda-antivirus-zoo-bo(23276)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded", "name": "20051129 Panda Remote Heap Overflow", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3922", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-30T11:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:panda:panda_exchangesecure:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_filesecure:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_titanium:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_titanium_2005_antivirus:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_antivirus_platinum:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_businessecure_antivirus:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_isa_secure:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_panda_enterprisecure_antivirus:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_truprevent_personal:2006:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_webadmin:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_activescan:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_truprevent_personal:2005:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_clientshield_with_truprevent_technologies:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_platinum_2006_internet_security:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_filesecure_with_truprevent_technologies:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_gatedefender:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_titanium_2006_antivirus_\\+_antispyware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_security:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_antivirus:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:panda:panda_enterprisecure_with_truprevent_technologies:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:39Z"}

7.5 /10