Lucene search

MitreCVE-2002-1317

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1317

2004-09-0104:00:00

mitre

web.nvd.nist.gov

cve-2002-1317

buffer overflow

xfs font server

solaris

denial of service

arbitrary code

remote attackers

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.157

Percentile

96.0%

JSON

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Affected configurations

Nvd

Node

xfree86_projectx11r6Match3.3

xfree86_projectx11r6Match3.3.2

xfree86_projectx11r6Match3.3.3

xfree86_projectx11r6Match3.3.4

xfree86_projectx11r6Match3.3.5

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2

sgiirixMatch6.5.3

sgiirixMatch6.5.4

sgiirixMatch6.5.5

sgiirixMatch6.5.6

sgiirixMatch6.5.7

sgiirixMatch6.5.8

sgiirixMatch6.5.9

sgiirixMatch6.5.10

sgiirixMatch6.5.11

sgiirixMatch6.5.12

sgiirixMatch6.5.13

Node

hphp-uxMatch10.10

hphp-uxMatch10.20

hphp-uxMatch10.24

hphp-uxMatch11.00

hphp-uxMatch11.04

hphp-uxMatch11.11

hphp-uxMatch11.22

sunsolarisMatch2.5.1ppc

sunsolarisMatch2.5.1x86

sunsolarisMatch2.6

sunsolarisMatch7.0x86

sunsolarisMatch8.0x86

sunsolarisMatch9.0sparc

sunsolarisMatch9.0x86_update_2

sunsunosMatch-

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

VendorProductVersionCPE
xfree86_projectx11r63.3cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*
xfree86_projectx11r63.3.2cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*
xfree86_projectx11r63.3.3cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*
xfree86_projectx11r63.3.4cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*
xfree86_projectx11r63.3.5cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*
sgiirix6.5cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
sgiirix6.5.1cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
sgiirix6.5.2cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
sgiirix6.5.3cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
sgiirix6.5.4cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xfree86_project	x11r6	3.3	cpe:2.3:a:xfree86_project:x11r6:3.3:::::::*
xfree86_project	x11r6	3.3.2	cpe:2.3:a:xfree86_project:x11r6:3.3.2:::::::*
xfree86_project	x11r6	3.3.3	cpe:2.3:a:xfree86_project:x11r6:3.3.3:::::::*
xfree86_project	x11r6	3.3.4	cpe:2.3:a:xfree86_project:x11r6:3.3.4:::::::*
xfree86_project	x11r6	3.3.5	cpe:2.3:a:xfree86_project:x11r6:3.3.5:::::::*
sgi	irix	6.5	cpe:2.3:o:sgi:irix:6.5:::::::*
sgi	irix	6.5.1	cpe:2.3:o:sgi:irix:6.5.1:::::::*
sgi	irix	6.5.2	cpe:2.3:o:sgi:irix:6.5.2:::::::*
sgi	irix	6.5.3	cpe:2.3:o:sgi:irix:6.5.3:::::::*
sgi	irix	6.5.4	cpe:2.3:o:sgi:irix:6.5.4:::::::*

Rows per page:

1-10 of 371

References

ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I

bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541

marc.info/?l=bugtraq&m=103825150527843&w=2

sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879

www.cert.org/advisories/CA-2002-34.html

www.ciac.org/ciac/bulletins/n-024.shtml

www.iss.net/security_center/static/10375.php

www.kb.cert.org/vuls/id/312313

www.securityfocus.com/advisories/4988

www.securityfocus.com/bid/6241

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.157

Percentile

96.0%

JSON

Related for CVE-2002-1317