CVE-2005-1346 : Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail S

Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.

Published 2005-05-02 04:00:00

Updated 2008-09-05 20:48:54

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2005-1346

Probability of exploitation activity in the next 30 days: 0.27%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-1346

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.6	LOW	AV:N/AC:H/Au:N/C:N/I:N/A:P	4.9	2.9	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2005-1346

http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html

Vendor Advisory

Products affected by CVE-2005-1346

Symantec » Norton Antivirus » Version: 2005 11.0.0
cpe:2.3:a:symantec:norton_antivirus:2005_11.0.0:*:*:*:*:*:*:*
Matching versions
Symantec » Norton Internet Security » Version: 2005 Contains Nav 11.0.0
cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
Matching versions
Symantec » Norton System Works » Version: 2005 Contains Nav 11.0.0
cpe:2.3:a:symantec:norton_system_works:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
Matching versions
Symantec » Antivirus Scan Engine » Version: 4.3.7.27
cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*
Matching versions
Symantec » Web Security » Version: 3.0.1.72
cpe:2.3:a:symantec:web_security:3.0.1.72:*:*:*:*:*:*:*
Matching versions
Symantec » Mail Security » Version: 4.0.5.66 Smtp Edition
cpe:2.3:a:symantec:mail_security:4.0.5.66:*:smtp:*:*:*:*:*
Matching versions
Symantec » Mail Security » Version: 4.5.4.743 Exchange Edition
cpe:2.3:a:symantec:mail_security:4.5.4.743:*:exchange:*:*:*:*:*
Matching versions
Symantec » Symav Filter Domino Nt » Version: 3.1.1.87
cpe:2.3:a:symantec:symav_filter_domino_nt:3.1.1.87:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-1346

Exploit prediction scoring system (EPSS) score for CVE-2005-1346

CVSS scores for CVE-2005-1346

References for CVE-2005-1346

Products affected by CVE-2005-1346