CVE-2005-4203
CVE-2005-4203 is a high-severity vulnerability in Logisphere with a CVSS 2.0 base score of 7.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 2.0 base score 7.8)
- EPSS exploit prediction: 2% (78th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Logisphere
- Published:
- Last modified:
Description
LogiSphere 0.9.9j does not restrict the number of messages that can be sent, which allows remote attackers to cause a denial of service by sending a large number of messages via the msg command. NOTE: due to lack of appropriate details by the original researcher, it is unclear whether this description accurately reflects the discloser's claim and is distinct from the XSS issue.
Frequently asked questions
- What is CVE-2005-4203?
- LogiSphere 0.9.9j does not restrict the number of messages that can be sent, which allows remote attackers to cause a denial of service by sending a large number of messages via the msg command. NOTE: due to lack of appropriate details by the original researcher, it is unclear whether this description accurately reflects the discloser's claim and is distinct from the XSS issue.
- How severe is CVE-2005-4203?
- CVE-2005-4203 has a CVSS 2.0 base score of 7.8, rated high severity.
- Is CVE-2005-4203 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (78th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2005-4203?
- CVE-2005-4203 affects Logisphere. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2005-4203?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2005-4203 published?
- CVE-2005-4203 was published on 2005-12-13 and last updated on 2026-06-16.
References
- http://secunia.com/advisories/17989
- http://www.ipomonis.com/advisories/logisphere_server.zip
- http://www.securityfocus.com/bid/15807
- http://www.vupen.com/english/advisories/2005/2840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23553
Affected products (1)
- cpe:2.3:a:logisphere:logisphere:0.9.9j:*:*:*:*:*:*:*
More vulnerabilities in Logisphere
- CVE-2005-4202 — Medium (CVSS 5.0): Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via…
- CVE-2005-4204 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows remote attackers to inject arbitrary Javascript…
- CVE-2006-3044 — Low (CVSS 2.6): Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbitrary web script or…