CyberSec.Space Logo
CVEブラウザに戻る

CVE-2005-2758

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1710%
EPSS Percentile14.03th
Published2005年10月5日
Last Modified2026年4月16日

Vulnerability Description

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

Affected Platforms (CPE)

📦
Symantec

Antivirus Scan Engine

= 4.0
📦
Symantec

Antivirus Scan Engine

= 4.0
📦
Symantec

Antivirus Scan Engine

= 4.0
📦
Symantec

Antivirus Scan Engine

= 4.0
📦
Symantec

Antivirus Scan Engine

= 4.0
📦
Symantec

Antivirus Scan Engine

= 4.3
📦
Symantec

Antivirus Scan Engine

= 4.3
📦
Symantec

Antivirus Scan Engine

= 4.3
📦
Symantec

Antivirus Scan Engine

= 4.3
📦
Symantec

Antivirus Scan Engine For Network Attached Storage

= 4.3

References & Advisories

🔗 http://secunia.com/advisories/17049
🔗 http://securityreason.com/securityalert/48
🔗 http://securitytracker.com/id?1015001
🔗 http://www.idefense.com/application/poi/display?id=314&type=vulnerabilities
🔗 http://www.kb.cert.org/vuls/id/849209
🔗 http://www.osvdb.org/19854
🔗 http://www.securityfocus.com/bid/15001
🔗 http://www.symantec.com/avcenter/security/Content/2005.10.04.html

関連する脆弱性情報

CVE-2012-49539.3

The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symant...

CVE-2018-122387.8

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Busin...

CVE-2025-101017.8

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Mach-O file may allow Local Execution of...

CVE-2025-83517.8

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avira Antivirus engine when scanning a malformed file may allow Lo...