Lucene search
HistoryJun 25, 2002 - 4:00 a.m.
CVE-2002-0175
cve-2002-0175
libsafe 2.0-11
format string vulnerabilities
libc
protection bypass
nvd
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
48.2%
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the “'” and “I” characters, which are implemented in libc but not libsafe.
Affected configurations
Node
avayalibsafeMatch1.3.4
ORavayalibsafeMatch1.3.8
ORavayalibsafeMatch2.0.2
ORavayalibsafeMatch2.0.5
ORavayalibsafeMatch2.0.9
ORavayalibsafeMatch2.0.10
ORavayalibsafeMatch2.0.11
| Vendor | Product | Version | CPE |
|---|---|---|---|
| avaya | libsafe | 1.3.8 | cpe:/a:avaya:libsafe:1.3.8::: |
| avaya | libsafe | 2.0.11 | cpe:/a:avaya:libsafe:2.0.11::: |
| avaya | libsafe | 2.0.9 | cpe:/a:avaya:libsafe:2.0.9::: |
| avaya | libsafe | 2.0.5 | cpe:/a:avaya:libsafe:2.0.5::: |
| avaya | libsafe | 2.0.10 | cpe:/a:avaya:libsafe:2.0.10::: |
| avaya | libsafe | 1.3.4 | cpe:/a:avaya:libsafe:1.3.4::: |
| avaya | libsafe | 2.0.2 | cpe:/a:avaya:libsafe:2.0.2::: |
Related
nvd
nvd
CVE-2002-0175
2002-04-22 04:00:00
cvelist
cvelist
CVE-2002-0175
2002-06-25 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : libsafe (MDKSA-2002:026)
2004-07-31 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
48.2%
Related for CVE-2002-0175