Detections
Analytics

CVE-2005-3863

high

Description

Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/23233

http://www.zone-h.org/en/advisories/read/id=8480/

http://www.vupen.com/english/advisories/2006/2062

http://www.vupen.com/english/advisories/2005/2605

http://www.securityfocus.com/bid/15600

http://www.securityfocus.com/archive/1/417906/100/0/threaded

http://www.osvdb.org/21161

http://www.debian.org/security/2006/dsa-1088

http://www.debian.org/security/2006/dsa-1083

http://security.gentoo.org/glsa/glsa-200608-27.xml

http://security.gentoo.org/glsa/glsa-200512-11.xml

http://secunia.com/advisories/21684

http://secunia.com/advisories/20446

http://secunia.com/advisories/20368

http://secunia.com/advisories/20329

http://secunia.com/advisories/18081

http://secunia.com/advisories/17768

Details

Source: Mitre, NVD

Published: 2005-11-29

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High