Lucene search

[email protected]CVE-2004-0238

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0238

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

overkill

0verkill

buffer overflow

cve-2004-0238

security vulnerability

code execution

nvd

8.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON

Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg functions; possibly allow remote attackers to execute arbitrary code via long strings to (3) the send_message function; and, in the server, via (4) the parse_command_line function.

CPENameOperatorVersion
0verkill:0verkill0verkilleq0.16

CPE	Name	Operator	Version
0verkill:0verkill	0verkill	eq	0.16

References

lists.grok.org.uk/pipermail/full-disclosure/2004-February/016579.html

marc.info/?l=bugtraq&m=107577335424509&w=2

www.securiteam.com/securitynews/5AP010KC0C.html

www.securityfocus.com/bid/9550

exchange.xforce.ibmcloud.com/vulnerabilities/14999

exchange.xforce.ibmcloud.com/vulnerabilities/15000

8.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.8%

JSON

Related for CVE-2004-0238

cvelist1