Lucene search

[email protected]CVE-2003-0390

HistoryJul 02, 2003 - 4:00 a.m.

CVE-2003-0390

2003-07-0204:00:00

[email protected]

web.nvd.nist.gov

buffer overflow

options parsing tool

opt

setuid programs

code execution

cve-2003-0390

security vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi.

Affected configurations

NVD

Node

james_theileroptRange≤3.18

CPENameOperatorVersion
james_theiler:optjames theiler optle3.18

CPE	Name	Operator	Version
james_theiler:opt	james theiler opt	le	3.18

References

marc.info/?l=bugtraq&m=105121918523320&w=2

marc.info/?l=bugtraq&m=105371246204866&w=2

nis-www.lanl.gov/~jt/Software/opt/opt-3.19.tar.gz

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2003-0390

debiancve1 cvelist1 nvd1