CVE-2004-1120
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/01/2005
Last modified:
03/04/2025
Description
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.5.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:prozilla:prozilla_download_accelerator:1.3.6:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugs.gentoo.org/show_bug.cgi?id=70090
- http://www.debian.org/security/2005/dsa-663
- http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml
- http://www.securityfocus.com/archive/1/382219
- http://www.securityfocus.com/bid/11734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18210
- http://bugs.gentoo.org/show_bug.cgi?id=70090
- http://www.debian.org/security/2005/dsa-663
- http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml
- http://www.securityfocus.com/archive/1/382219
- http://www.securityfocus.com/bid/11734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18210