Vulnerability Description
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Prozilla | Prozilla Download Accelerator | 1.0.0 |
References
- http://bugs.gentoo.org/show_bug.cgi?id=70090
- http://www.debian.org/security/2005/dsa-663
- http://www.gentoo.org/security/en/glsa/glsa-200411-31.xmlVendor Advisory
- http://www.securityfocus.com/archive/1/382219
- http://www.securityfocus.com/bid/11734ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18210
- http://bugs.gentoo.org/show_bug.cgi?id=70090
- http://www.debian.org/security/2005/dsa-663
- http://www.gentoo.org/security/en/glsa/glsa-200411-31.xmlVendor Advisory
- http://www.securityfocus.com/archive/1/382219
- http://www.securityfocus.com/bid/11734ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18210
FAQ
What is CVE-2004-1120?
CVE-2004-1120 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a...
How severe is CVE-2004-1120?
CVE-2004-1120 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1120?
Check the references section above for vendor advisories and patch information. Affected products include: Prozilla Prozilla Download Accelerator.