Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0188

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0188
Last Modified 05 Sep 2008 04:45:32
Published 06 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0188

Summary

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log.

Vulnerable Systems

Application

  • Athoc Toolbar


References

XF - athoc-toolbar-format-string(17628)

BID - 11341

MISC - http://www.ngssoftware.com/advisories/athoc-01full.txt

BUGTRAQ - 20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c)

BUGTRAQ - 20041006 Patch available for high risk flaws in the AtHoc Toolbar


Last Updated: 27 May 2016 10:39:42