Unrated severityNVD Advisory· Published Apr 14, 2005· Updated Apr 16, 2026
CVE-2005-1122
CVE-2005-1122
Description
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").
Affected products
17cpe:2.3:a:monkey-project:monkey:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:monkey-project:monkey:*:*:*:*:*:*:*:*range: <=0.9.0
- cpe:2.3:a:monkey-project:monkey:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.4:2:*:*:*:*:*:*
- cpe:2.3:a:monkey-project:monkey:0.8.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- secunia.com/advisories/14953nvdPatchVendor Advisory
- security.gentoo.org/glsa/glsa-200504-14.xmlnvdPatchVendor Advisory
- bugs.gentoo.org/show_bug.cginvdVendor Advisory
- www.osvdb.org/15511nvdVendor Advisory
News mentions
0No linked articles in our index yet.