Lucene search

[email protected]CVE-2003-0834

HistoryDec 01, 2003 - 5:00 a.m.

CVE-2003-0834

2003-12-0105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cde

libdthelp

buffer overflow

local users

arbitrary code

environment variables

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

CPENameOperatorVersion
sco:unixwaresco unixwareeq7.1.3
sco:unixwaresco unixwareeq7.1.1
sco:open_unixsco open unixeq8.0

CPE	Name	Operator	Version
sco:unixware	sco unixware	eq	7.1.3
sco:unixware	sco unixware	eq	7.1.1
sco:open_unix	sco open unix	eq	8.0

References

ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P

archives.neohapsis.com/archives/hp/2003-q4/0047.html

sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57414

www.idefense.com/application/poi/display?id=134&type=vulnerabilities&flashstatus=false

www.kb.cert.org/vuls/id/575804

www.securityfocus.com/bid/8973

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5141

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for CVE-2003-0834

securityvulns2 seebug3 zdt2 exploitdb4 cert1 exploitpack2