Lucene search

Kaspersky LabKLA10153

HistoryJan 30, 2003 - 12:00 a.m.

KLA10153 DoS vulnerability in FAR manager

2003-01-3000:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

Percentile

0.4%

JSON

Lack of string length check was found in FAR manager. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally via a specially designed path.

Original advisories

vulnerability

Related products

FAR-Manager

CVE list

CVE-2003-1445 warning

Solution

Update to latest version

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Far manager versions 1.70beta4 and earlier

References

securityvulns.com/advisories/farbo.asp

statistics.securelist.com/

threats.kaspersky.com/en/product/FAR-Manager/

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for KLA10153