CVE-2005-0439

Stefan Ritt Elog Web Logbook - Buffer Overflow

Title source: rule

Description

Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.

Exploits (1)

exploitdb WORKING POC VERIFIED

by n4rk0tix · cremotemultiple

https://www.exploit-db.com/exploits/805

View Code ZIP pw:eip

References (4)

[Patch] http://www.securityfocus.com/bid/12556

[Patch] http://sourceforge.net/project/shownotes.php?group_id=40505&release_id=304880

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/19313

[Patch, Vendor Advisory] http://midas.psi.ch/elogs/Forum/941

Scores

EPSS 0.1351

EPSS Percentile 94.2%

Details

Status published

Products (18)

stefan_ritt/elog_web_logbook 2.0.0

stefan_ritt/elog_web_logbook 2.0.1

stefan_ritt/elog_web_logbook 2.0.2

stefan_ritt/elog_web_logbook 2.0.3

stefan_ritt/elog_web_logbook 2.0.4

stefan_ritt/elog_web_logbook 2.0.5

stefan_ritt/elog_web_logbook 2.1.0

stefan_ritt/elog_web_logbook 2.1.1

stefan_ritt/elog_web_logbook 2.1.2

stefan_ritt/elog_web_logbook 2.1.3

... and 8 more

Published May 02, 2005

Tracked Since Feb 18, 2026