CVE-2004-0110

SGI Propack - Buffer Overflow

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0110. PoCs published by infamous41md.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in libxml2's nanoftp component (CVE-2004-0110). It crafts a malicious URL with NOP sleds and shellcode to achieve remote code execution by overflowing the buffer during URL parsing.

Description

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

Exploits (1)

exploitdb WORKING POC VERIFIED

by infamous41md · clocallinux

https://www.exploit-db.com/exploits/601

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in libxml2's nanoftp component (CVE-2004-0110). It crafts a malicious URL with NOP sleds and shellcode to achieve remote code execution by overflowing the buffer during URL parsing.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: libxml2 2.6.12

No auth needed

Prerequisites: Network access to target · Vulnerable libxml2 version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (18)

Core 18

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-091.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=107851606605420&w=2

Patch, Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2004-090.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15302

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/9718

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2004/dsa-455

Various Sources x_refsource_confirm

http://www.xmlsoft.org/news.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2004-650.html

Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac

http://www.ciac.org/ciac/bulletins/o-086.shtml

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/10958/

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2005_01_sr.html

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200403-01.xml

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/493966

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=107860178228804&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15301

Scores

EPSS 0.2423

EPSS Percentile 97.6%

Details

Status published

Products (14)

sgi/propack 2.3

sgi/propack 2.4

xmlsoft/libxml 1.8.17

xmlsoft/libxml2 2.4.19

xmlsoft/libxml2 2.4.23

xmlsoft/libxml2 2.5.4

xmlsoft/libxml2 2.5.10

xmlsoft/libxml2 2.5.11

xmlsoft/libxml2 2.6.0

xmlsoft/libxml2 2.6.1

... and 4 more

Published Mar 15, 2004

Tracked Since Feb 18, 2026