CVE-2005-1301

nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site, which allows remote malicious web sites to write arbitrary files.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://jvn.jp/jp/JVN%23AF02FB4B/index.html
http://marc.info/?l=bugtraq&m=111444390329376&w=2
http://secunia.com/advisories/15101
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html	Patch
http://www.osvdb.org/15788
http://jvn.jp/jp/JVN%23AF02FB4B/index.html
http://marc.info/?l=bugtraq&m=111444390329376&w=2
http://secunia.com/advisories/15101
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html	Patch
http://www.osvdb.org/15788

Configurations

Configuration 1 (hide)

cpe:2.3:a:nprotect:netizen:2005.3.17.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-04-13 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2005-1301

Mitre link : CVE-2005-1301

CVE.ORG link : CVE-2005-1301

JSON object : View

Products Affected

nprotect

netizen

CWE

NVD-CWE-Other

{"id": "CVE-2005-1301", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2005-04-13T04:00:00.000", "references": [{"url": "http://jvn.jp/jp/JVN%23AF02FB4B/index.html", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=111444390329376&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/15101", "source": "cve@mitre.org"}, {"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/15788", "source": "cve@mitre.org"}, {"url": "http://jvn.jp/jp/JVN%23AF02FB4B/index.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=111444390329376&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/15101", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/15788", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site, which allows remote malicious web sites to write arbitrary files."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nprotect:netizen:2005.3.17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89794771-BF07-452E-AD47-DF466832A154"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}