CVE-2005-3284 - Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Serv

CVE-2005-3284

Summary

Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives.

References

Vulnerable Configurations

cpe:2.3:a:ahnlab:myv3:1.3.11.15:*:*:*:*:*:*:*
cpe:2.3:a:ahnlab:myv3:1.3.11.15:*:*:*:*:*:*:*
cpe:2.3:a:ahnlab:v3net:6.0.0.457:*:win_server:*:*:*:*:*
cpe:2.3:a:ahnlab:v3net:6.0.0.457:*:win_server:*:*:*:*:*
cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.457:*:*:*:*:*:*:*
cpe:2.3:a:ahnlab:v3pro_2004:6.0.0.457:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 05-09-2008 - 20:53)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	15091
bugtraq	20051013 Secunia Research: AhnLab V3 Antivirus ALZ/UUE/XXE Archive HandlingBuffer Overflow
confirm	http://global.ahnlab.com/security/security_advisory002.html
misc	http://secunia.com/secunia_research/2005-48/advisory/
osvdb	19955
secunia	16851
sreason	80

Last major update

05-09-2008 - 20:53

Published

23-10-2005 - 10:02

Last modified

05-09-2008 - 20:53