CVE-2005-3863

{"id": "CVE-2005-3863", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-11-29T11:03:00.000", "references": [{"url": "http://secunia.com/advisories/17768", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18081", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20329", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20368", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20446", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21684", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200512-11.xml", "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200608-27.xml", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2006/dsa-1083", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2006/dsa-1088", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/21161", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/417906/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15600", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2005/2605", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2062", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.zone-h.org/en/advisories/read/id=8480/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23233", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro."}], "lastModified": "2018-10-19T15:39:26.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ktools:ktools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CC84E5D-A721-4186-8717-206A5A4963DF", "versionEndIncluding": "0.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}