Lucene search

MitreCVE-2002-0358

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0358

2003-04-0205:00:00

mitre

web.nvd.nist.gov

cve-2002-0358

sgi irix 6.5.16

mediamail

privilege escalation

data breach.

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.

Affected configurations

Nvd

Node

sgimediamail

sgimediamailpro

VendorProductVersionCPE
sgimediamail*cpe:2.3:a:sgi:mediamail:*:*:*:*:*:*:*:*
sgimediamail*cpe:2.3:a:sgi:mediamail:*:*:pro:*:*:*:*:*

Vendor	Product	Version	CPE
sgi	mediamail	*	cpe:2.3:a:sgi:mediamail::::::::
sgi	mediamail	*	cpe:2.3:a:sgi:mediamail:::pro:::::*

References

ftp://patches.sgi.com/support/free/security/advisories/20020602-01-I

www.iss.net/security_center/static/9292.php

www.securityfocus.com/bid/4959

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-0358