Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Apr 16, 2026

CVE-2004-1112

Description

The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.

Affected products

Cisco Systems, Inc./Security Agent5 versions
cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*
Okena/Stormwatch
cpe:2.3:a:okena:stormwatch:3.x:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ciac.org/ciac/bulletins/p-036.shtmlnvdVendor Advisory
www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtmlnvdVendor Advisory
www.securityfocus.com/bid/11659nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/18037nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000