Vulnerabilities > CVE-2004-2221 - Unspecified vulnerability in Mercantec Softcart 4.00B
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Mercantec SoftCart CGI Overflow. CVE-2004-2221. Remote exploit for windows platform id EDB-ID:16926 last seen 2016-02-02 modified 2010-09-20 published 2010-09-20 reporter metasploit source https://www.exploit-db.com/download/16926/ title Mercantec SoftCart CGI Overflow description Mercantec SoftCart 4.00b CGI Overflow. CVE-2004-2221. Webapps exploit for cgi platform id EDB-ID:10037 last seen 2016-02-01 modified 2004-08-19 published 2004-08-19 reporter skape source https://www.exploit-db.com/download/10037/ title Mercantec SoftCart 4.00b - CGI Overflow
Metasploit
| description | This is an exploit for an undisclosed buffer overflow in the SoftCart.exe CGI as shipped with Mercantec's shopping cart software. It is possible to execute arbitrary code by passing a malformed CGI parameter in an HTTP GET request. This issue is known to affect SoftCart version 4.00b. |
| id | MSF:EXPLOIT/BSDI/SOFTCART/MERCANTEC_SOFTCART |
| last seen | 2020-05-23 |
| modified | 2017-07-24 |
| published | 2006-12-14 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2221 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/bsdi/softcart/mercantec_softcart.rb |
| title | Mercantec SoftCart CGI Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/82225/mercantec_softcart.rb.txt |
| id | PACKETSTORM:82225 |
| last seen | 2016-12-05 |
| published | 2009-10-27 |
| reporter | trew |
| source | https://packetstormsecurity.com/files/82225/Mercantec-Softcart-CGI-Overflow.html |
| title | Mercantec Softcart CGI Overflow |
References
- http://metasploit.com/projects/Framework/modules/exploits/mercantec_softcart.pm
- http://metasploit.com/projects/Framework/modules/exploits/mercantec_softcart.pm
- http://www.osvdb.org/9011
- http://www.osvdb.org/9011
- http://www.securityfocus.com/bid/10926
- http://www.securityfocus.com/bid/10926
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17008
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17008