Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1402


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1402
Last Modified 05 Sep 2008 04:49:03
Published 03 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison.

Vulnerable Systems


  • Mtp-target 1.2.2


BUGTRAQ - 20050501 Clients format string and server crash in Mtp-Target 1.2.2


Last Updated: 27 May 2016 10:40:09