Lucene search

MitreCVE-2005-3279

HistoryOct 23, 2005 - 10:02 a.m.

CVE-2005-3279

2005-10-2310:02:00

mitre

web.nvd.nist.gov

cve

2005

3279

buffer overflow

jan kybic

bmv

unix

setuid

local privilege escalation

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option.

Affected configurations

Nvd

Node

jan_kybicbitmap_viewerMatch1.2

VendorProductVersionCPE
jan_kybicbitmap_viewer1.2cpe:2.3:a:jan_kybic:bitmap_viewer:1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jan_kybic	bitmap_viewer	1.2	cpe:2.3:a:jan_kybic:bitmap_viewer:1.2:::::::*

References

felinemenace.org/advisories/bmv_advisory.txt

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-3279