{"api_version":"1","generated_at":"2026-04-23T11:33:57+00:00","cve":"CVE-2005-0249","urls":{"html":"https://cve.report/CVE-2005-0249","api":"https://cve.report/api/cve/CVE-2005-0249.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-0249","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-0249"},"summary":{"title":"CVE-2005-0249","description":"Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-02-08 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://securitytracker.com/id?1013133","name":"http://securitytracker.com/id?1013133","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - Symantec Norton Anti-Virus Buffer Overflow in DEC2EXE in Parsing UPX Compressed Files Lets Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/107822","name":"http://www.kb.cert.org/vuls/id/107822","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#107822","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18869","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18869","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://xforce.iss.net/xforce/alerts/id/187","name":"http://xforce.iss.net/xforce/alerts/id/187","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html","name":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"404 Not Found","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-0249","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0249","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"antivirus_scan_engine","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"brightmail_antispam","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"brightmail_antispam","cpe6":"5.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.434","cpe7":"mr3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.437","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.446","cpe7":"mr4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.457","cpe7":"mr5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.460","cpe7":"mr6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.464","cpe7":"mr7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0.1_build_8.01.471","cpe7":"mr8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1.1_mr1_build_8.1.1.314a","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1.1_mr2_build_8.1.1.319","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1.1_mr3_build_8.1.1.323","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1.1_mr4_build_8.1.1.329","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1.1_mr5_build_8.1.1.336","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"gateway_security","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"gateway_security","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"gateway_security","cpe6":"2.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"mail_security","cpe6":"4.0","cpe7":"*","cpe8":"domino","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"mail_security","cpe6":"4.1","cpe7":"build_458","cpe8":"exchange","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"mail_security","cpe6":"4.1","cpe7":"build_459","cpe8":"exchange","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"mail_security","cpe6":"4.1","cpe7":"build_461","cpe8":"exchange","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"mail_security","cpe6":"4.5_build_719","cpe7":"*","cpe8":"exchange","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"2.18_build_83","cpe7":"*","cpe8":"exchange","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"2004","cpe7":"*","cpe8":"windows","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.434","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.437","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.446","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.457","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.460","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.464","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.01.471","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.1.1.319","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.1.1.323","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.1.1.329","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"8.1.1_build8.1.1.314a","cpe7":"*","cpe8":"corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_antivirus","cpe6":"9.0","cpe7":"*","cpe8":"macintosh_corporate","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2004","cpe7":"*","cpe8":"professional","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_system_works","cpe6":"2004","cpe7":"*","cpe8":"windows","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"sav_filter_domino_nt_ports","cpe6":"build3.0.5","cpe7":"*","cpe8":"aix","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"sav_filter_domino_nt_ports","cpe6":"build3.0.5","cpe7":"*","cpe8":"os_400","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"sav_filter_for_domino_nt","cpe6":"3.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.59","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.60","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.61","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.62","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.63","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.67","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"249","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"web_security","cpe6":"3.01.68","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:05:25.457Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"VU#107822","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/107822"},{"name":"20050208 Symantec AntiVirus Library Heap Overflow","tags":["third-party-advisory","x_refsource_ISS","x_transferred"],"url":"http://xforce.iss.net/xforce/alerts/id/187"},{"name":"1013133","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1013133"},{"name":"upx-engine-gain-control(18869)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-02-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"VU#107822","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/107822"},{"name":"20050208 Symantec AntiVirus Library Heap Overflow","tags":["third-party-advisory","x_refsource_ISS"],"url":"http://xforce.iss.net/xforce/alerts/id/187"},{"name":"1013133","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1013133"},{"name":"upx-engine-gain-control(18869)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-0249","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"VU#107822","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/107822"},{"name":"20050208 Symantec AntiVirus Library Heap Overflow","refsource":"ISS","url":"http://xforce.iss.net/xforce/alerts/id/187"},{"name":"1013133","refsource":"SECTRACK","url":"http://securitytracker.com/id?1013133"},{"name":"upx-engine-gain-control(18869)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"},{"name":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html","refsource":"CONFIRM","url":"http://www.symantec.com/avcenter/security/Content/2005.02.08.html"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-0249","datePublished":"2005-02-08T05:00:00.000Z","dateReserved":"2005-02-08T00:00:00.000Z","dateUpdated":"2024-08-07T21:05:25.457Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-02-08 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":true,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:antivirus_scan_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.3","matchCriteriaId":"5797D88E-6D89-46F9-AC32-154754D6B856"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*","matchCriteriaId":"95436CD6-8E9C-4F89-9683-0650F6167027"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*","matchCriteriaId":"FC910CFD-9F20-473E-BC2D-64A7A3C14404"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*","matchCriteriaId":"BE15AE1D-8647-444F-90F0-FC658A3AC344"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*","matchCriteriaId":"0C03FA86-F2E6-4E41-8368-E917C91D7837"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*","matchCriteriaId":"95BF74F0-40F1-4395-AC85-E6B566950C53"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*","matchCriteriaId":"994CB184-AFE8-4673-ACE8-085813F1E71F"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*","matchCriteriaId":"85CF6FFB-4189-4558-A70D-DE6D4C0C1F82"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*","matchCriteriaId":"31D6A148-A92C-4FCA-8762-16764D62C363"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*","matchCriteriaId":"3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*","matchCriteriaId":"FB47C16B-5221-4D64-BDB2-65D072A66C02"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*","matchCriteriaId":"204F2046-F116-45D7-9256-179A3B59886A"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*","matchCriteriaId":"CD0C67C0-3CF1-4BAD-A673-9B783E1D0724"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*","matchCriteriaId":"274EA5DA-9519-46DE-B11E-87BDF1978E14"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*","matchCriteriaId":"044C020A-0BCC-4037-BC32-73385A0BE019"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*","matchCriteriaId":"A939A3CE-BFBB-4950-A0D3-D5731AABF602"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*","matchCriteriaId":"5BC7324C-0415-4349-A625-04A8209D7709"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"031C9545-1CF1-46EF-B79C-7AD69E1B1C82"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*","matchCriteriaId":"DA6CFDFD-1EB4-458A-AD39-320E619593D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*","matchCriteriaId":"15436586-B0EE-40F4-9051-90953CF3684D"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*","matchCriteriaId":"96290C64-A507-46B6-908D-AD567A21899F"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*","matchCriteriaId":"2955A350-222F-4AD9-9745-9468D46503F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*","matchCriteriaId":"5CA62889-7A55-459F-BFD8-D38CD93F9219"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*","matchCriteriaId":"3E906A81-4081-438E-948C-FC82BF7203F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*","matchCriteriaId":"E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*","matchCriteriaId":"EC4CFE5A-4D51-405D-B92E-37DE4E617ABE"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*","matchCriteriaId":"727A116A-D18C-4F3F-A6A8-2C6107FFB8C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*","matchCriteriaId":"4A6612F1-4CA8-427A-AED4-854F943BA3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*","matchCriteriaId":"8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*","matchCriteriaId":"9603C423-F24A-4607-B721-D02EDA94AE8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*","matchCriteriaId":"574AAAA6-8181-457B-84CE-5AEB1895E3B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*","matchCriteriaId":"DF957AD3-B6E5-4BD7-832F-33E734817B77"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*","matchCriteriaId":"14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*","matchCriteriaId":"768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*","matchCriteriaId":"C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*","matchCriteriaId":"DFD3D01C-9169-4CFE-9EA0-61D32BFA8943"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*","matchCriteriaId":"A7FC3B67-D36C-4C9F-B5DC-8FBE3D6E9E29"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*","matchCriteriaId":"09CA1AC8-E273-44C1-9D1C-19542EB57433"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*","matchCriteriaId":"676BCD67-231B-409B-AE6B-D00314C30C9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*","matchCriteriaId":"20030FF8-7275-4AFB-A051-C78F3D3990D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*","matchCriteriaId":"4CD83506-91E9-4556-A993-8FDD31FBDF24"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*","matchCriteriaId":"4004DB50-022B-48C9-B9E5-5110DF37A0B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*","matchCriteriaId":"B05B8522-E203-49A0-8C5B-3DA7B06AF5AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*","matchCriteriaId":"9FD064CE-3C39-4243-B59E-CC8E48ED50DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*","matchCriteriaId":"9886B467-793C-4D07-9B1B-B80FA5266D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*","matchCriteriaId":"676F5A96-B21B-49FF-86EA-F18F9C3931C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*","matchCriteriaId":"18991132-C5B6-43AB-BDCB-196BB2957F27"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*","matchCriteriaId":"42CE2596-83A9-4A80-A8C6-825EDEAAB8B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*","matchCriteriaId":"CBA16BAF-6263-44EA-B3EB-187264913D8D"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"249","Ordinal":"1","Title":"CVE-2005-0249","CVE":"CVE-2005-0249","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"249","Ordinal":"1","NoteData":"Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.","Type":"Description","Title":"CVE-2005-0249"},{"CveYear":"2005","CveId":"249","Ordinal":"2","NoteData":"2005-02-08","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"249","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}