Lucene search

[email protected]CVE-2003-0834

HistoryDec 01, 2003 - 5:00 a.m.

CVE-2003-0834

2003-12-0105:00:00

[email protected]

web.nvd.nist.gov

cde

libdthelp

buffer overflow

local users

arbitrary code

environment variables

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.3%

JSON

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

Affected configurations

NVD

Node

scoopen_unixMatch8.0

scounixwareMatch7.1.1

scounixwareMatch7.1.3

CPENameOperatorVersion
sco:open_unixsco open unixeq8.0
sco:unixwaresco unixwareeq7.1.1
sco:unixwaresco unixwareeq7.1.3

CPE	Name	Operator	Version
sco:open_unix	sco open unix	eq	8.0
sco:unixware	sco unixware	eq	7.1.1
sco:unixware	sco unixware	eq	7.1.3

References

ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P

archives.neohapsis.com/archives/hp/2003-q4/0047.html

sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57414

www.idefense.com/application/poi/display?id=134&type=vulnerabilities&flashstatus=false

www.kb.cert.org/vuls/id/575804

www.securityfocus.com/bid/8973

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5141

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2003-0834

nvd1 zdt2 exploitpack2 seebug3 securityvulns2 cvelist1 cert1 exploitdb4