CVE-2005-0523

ProZilla <1.3.7.3 - RCE

Title source: llm

Description

Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Serkan Akpolat · cremotelinux

https://www.exploit-db.com/exploits/806

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securiteam.com/exploits/5WP082KEUW.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/12635

[Patch] http://www.debian.org/security/2005/dsa-719

[Various Sources] http://deicide.siyahsapka.org/exploits/proz_ex2.c

Scores

EPSS 0.0720

EPSS Percentile 91.6%

Details

Status published

Products (9)

prozilla/prozilla_download_accelerator 1.3.0

prozilla/prozilla_download_accelerator 1.3.1

prozilla/prozilla_download_accelerator 1.3.2

prozilla/prozilla_download_accelerator 1.3.3

prozilla/prozilla_download_accelerator 1.3.4

prozilla/prozilla_download_accelerator 1.3.5

prozilla/prozilla_download_accelerator 1.3.5.1

prozilla/prozilla_download_accelerator 1.3.5.2

prozilla/prozilla_download_accelerator 1.3.6

Published May 02, 2005

Tracked Since Feb 18, 2026