Skip to main content

CVE-2005-3995

Severity Medium
Score 5.1/10

Summary

Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv before 1.0.0-pre4, when the syslog (-S) function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands.

  • HIGH
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published