ID CVE-2000-0285
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:04:00
Description
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter.
{"id": "CVE-2000-0285", "bulletinFamily": "NVD", "title": "CVE-2000-0285", "description": "Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter.", "published": "2000-04-16T04:00:00", "modified": "2008-09-10T19:04:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0285", "reporter": "cve@mitre.org", "references": ["http://archives.neohapsis.com/archives/bugtraq/2000-04/0076.html", "http://www.securityfocus.com/bid/1306"], "cvelist": ["CVE-2000-0285"], "type": "cve", "lastseen": "2021-04-21T20:20:02", "edition": 5, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:1375"]}], "modified": "2021-04-21T20:20:02", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2021-04-21T20:20:02", "rev": 2}, "vulnersScore": 7.1}, "cpe": ["cpe:/a:xfree86_project:x11r6:4.0", "cpe:/a:xfree86_project:x11r6:3.3.6"], "affectedSoftware": [{"cpeName": "xfree86_project:x11r6", "name": "xfree86 project x11r6", "operator": "eq", "version": "3.3.6"}, {"cpeName": "xfree86_project:x11r6", "name": "xfree86 project x11r6", "operator": "eq", "version": "4.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "1306", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/1306"}, {"name": "20000416 XFree86 server overflow", "refsource": "BUGTRAQ", "tags": ["Vendor Advisory", "Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0076.html"}], "immutableFields": []}
{"osvdb": [{"lastseen": "2017-04-28T13:19:56", "bulletinFamily": "software", "cvelist": ["CVE-2000-0285"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-04/0076.html\nISS X-Force ID: 4867\n[CVE-2000-0285](https://vulners.com/cve/CVE-2000-0285)\nBugtraq ID: 1306\n", "modified": "2000-04-16T00:00:00", "published": "2000-04-16T00:00:00", "id": "OSVDB:1375", "href": "https://vulners.com/osvdb/OSVDB:1375", "title": "XFree86 -xkbmap Parameter X Server Overflow", "type": "osvdb", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
