Vulnerabilities > CVE-2004-1288 - Unspecified vulnerability in Siag O3Read .3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the parse_html function in o3read.c for o3read 0.0.3 allows remote attackers to execute arbitrary code via a crafted SXW file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | O3Read 0.0.3 HTML Parser Buffer Overflow Vulnerability. CVE-2004-1288. Remote exploit for linux platform |
id | EDB-ID:25010 |
last seen | 2016-02-03 |
modified | 2004-12-17 |
published | 2004-12-17 |
reporter | Wiktor Kopec |
source | https://www.exploit-db.com/download/25010/ |
title | O3Read 0.0.3 HTML Parser Buffer Overflow Vulnerability |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200501-20.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200501-20 (o3read: Buffer overflow during file conversion) Wiktor Kopec discovered that the parse_html function in o3read.c copies any number of bytes into a 1024-byte t[] array. Impact : Using a specially crafted file, possibly delivered by e-mail or over the Web, an attacker may execute arbitrary code with the permissions of the user running o3read. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16411 |
published | 2005-02-14 |
reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16411 |
title | GLSA-200501-20 : o3read: Buffer overflow during file conversion |