2 matches found
CVE-2004-0368
CVE-2004-0368 is a double-free vulnerability in the CDE dtlogin daemon that can allow remote code execution with root privileges via crafted XDMCP packets. Affected platforms include Solaris and HP-UX (and related CDE environments), with multiple patches issued (Solaris patches 108920-30 / 108919...
CVE-2001-0803
CVE-2001-0803 is a buffer overflow in the dtspcd (CDE Subprocess Control Service) client connection routine (libDtSvc.so.1) that allows remote execution of arbitrary commands. Public references show exploits and proof-of-concept tooling (e.g., Solaris dtspcd heap overflow modules in Metasploit) a...