CVE-2005-2758

N/A Unknown

Published: October 05, 2005 Modified: April 16, 2026

Description

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/17049

Source: cve@mitre.org

http://securityreason.com/securityalert/48

Source: cve@mitre.org

http://securitytracker.com/id?1015001

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=314&type=vulnerabilities

Source: cve@mitre.org

Patch Vendor Advisory

http://www.kb.cert.org/vuls/id/849209

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/19854

Source: cve@mitre.org

http://www.securityfocus.com/bid/15001

Source: cve@mitre.org

http://www.symantec.com/avcenter/security/Content/2005.10.04.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vupen.com/english/advisories/2005/1954

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/22519

Source: cve@mitre.org

http://secunia.com/advisories/17049