CVE-2005-3653

Description

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

Related CPE's

Could not find any relations

References

20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow

PatchVendor Advisory

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778

22688

Patch

16354

Patch

1015526

Patch

18591

PatchVendor Advisory

http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp

PatchVendor Advisory

380

ADV-2006-0311

Vendor Advisory

20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability

ca-igateway-contentlength-bo(24269)

20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability

20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:C/I:C/A:C

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

10

Created by Yello
About Severity.io