Vulnerability Description
Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Athoc | Athoc Toolbar | All versions |
References
- http://marc.info/?l=bugtraq&m=109710974324742&w=2
- http://marc.info/?l=bugtraq&m=110616363415176&w=2
- http://www.ngssoftware.com/advisories/athoc-01full.txt
- http://www.securityfocus.com/bid/11341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17628
- http://marc.info/?l=bugtraq&m=109710974324742&w=2
- http://marc.info/?l=bugtraq&m=110616363415176&w=2
- http://www.ngssoftware.com/advisories/athoc-01full.txt
- http://www.securityfocus.com/bid/11341
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17628
FAQ
What is CVE-2005-0188?
CVE-2005-0188 is a vulnerability with a CVSS score of 7.5 (HIGH). Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug l...
How severe is CVE-2005-0188?
CVE-2005-0188 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0188?
Check the references section above for vendor advisories and patch information. Affected products include: Athoc Athoc Toolbar.