Vulnerability Description
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.0 |
References
- http://secunia.com/advisories/17413Vendor Advisory
- http://securitytracker.com/id?1015139
- http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtmlVendor Advisory
- http://www.kb.cert.org/vuls/id/562945US Government Resource
- http://www.securityfocus.com/bid/15275
- http://www.vupen.com/english/advisories/2005/2282
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://secunia.com/advisories/17413Vendor Advisory
- http://securitytracker.com/id?1015139
- http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtmlVendor Advisory
- http://www.kb.cert.org/vuls/id/562945US Government Resource
- http://www.securityfocus.com/bid/15275
- http://www.vupen.com/english/advisories/2005/2282
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2005-3481?
CVE-2005-3481 is a vulnerability with a CVSS score of 9.3 (HIGH). Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rathe...
How severe is CVE-2005-3481?
CVE-2005-3481 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3481?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.