Vulnerability Description
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bluecoat | Webproxy | 4.0 |
| Bluecoat | Proxyav | All versions |
References
- http://secunia.com/advisories/18288PatchVendor Advisory
- http://secunia.com/advisories/18909PatchVendor Advisory
- http://securitytracker.com/id?1015441PatchVendor Advisory
- http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.htPatchVendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364PatchVendor Advisory
- http://www.securityfocus.com/bid/16147ExploitPatch
- http://www.vupen.com/english/advisories/2006/0065
- http://www.vupen.com/english/advisories/2006/0622
- http://secunia.com/advisories/18288PatchVendor Advisory
- http://secunia.com/advisories/18909PatchVendor Advisory
- http://securitytracker.com/id?1015441PatchVendor Advisory
- http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.htPatchVendor Advisory
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364PatchVendor Advisory
- http://www.securityfocus.com/bid/16147ExploitPatch
- http://www.vupen.com/english/advisories/2006/0065
FAQ
What is CVE-2005-4085?
CVE-2005-4085 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
How severe is CVE-2005-4085?
CVE-2005-4085 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4085?
Check the references section above for vendor advisories and patch information. Affected products include: Bluecoat Webproxy, Bluecoat Proxyav.