Vulnerabilities > CVE-2004-1288 - Unspecified vulnerability in Siag O3Read .3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the parse_html function in o3read.c for o3read 0.0.3 allows remote attackers to execute arbitrary code via a crafted SXW file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | O3Read 0.0.3 HTML Parser Buffer Overflow Vulnerability. CVE-2004-1288. Remote exploit for linux platform |
| id | EDB-ID:25010 |
| last seen | 2016-02-03 |
| modified | 2004-12-17 |
| published | 2004-12-17 |
| reporter | Wiktor Kopec |
| source | https://www.exploit-db.com/download/25010/ |
| title | O3Read 0.0.3 HTML Parser Buffer Overflow Vulnerability |
Nessus
| NASL family | Gentoo Local Security Checks |
| NASL id | GENTOO_GLSA-200501-20.NASL |
| description | The remote host is affected by the vulnerability described in GLSA-200501-20 (o3read: Buffer overflow during file conversion) Wiktor Kopec discovered that the parse_html function in o3read.c copies any number of bytes into a 1024-byte t[] array. Impact : Using a specially crafted file, possibly delivered by e-mail or over the Web, an attacker may execute arbitrary code with the permissions of the user running o3read. Workaround : There is no known workaround at this time. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 16411 |
| published | 2005-02-14 |
| reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/16411 |
| title | GLSA-200501-20 : o3read: Buffer overflow during file conversion |