4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
38.3%
Steve Kemp has found buffer overflows in the handling
of the command line flag -KCONV and the XSHISENLIB environment
variable. Ulf Härnhammer has detected an unbounded copy from
the GECOS field to a char array. All overflows can be exploited
to gain group games privileges.