Unrated severityNVD Advisory· Published Oct 5, 2005· Updated Apr 16, 2026
CVE-2005-2758
CVE-2005-2758
Description
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
Affected products
10cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:bluecoat:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:netapp_filer:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:netapp_netcache:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*
- cpe:2.3:a:symantec:antivirus_scan_engine_for_network_attached_storage:4.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.idefense.com/application/poi/displaynvdPatchVendor Advisory
- www.symantec.com/avcenter/security/Content/2005.10.04.htmlnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/849209nvdUS Government Resource
- secunia.com/advisories/17049nvd
- securityreason.com/securityalert/48nvd
- securitytracker.com/idnvd
- www.osvdb.org/19854nvd
- www.securityfocus.com/bid/15001nvd
- www.vupen.com/english/advisories/2005/1954nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/22519nvd
News mentions
0No linked articles in our index yet.