exploitDog

GHSA-95vq-m8f4-gh6c

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.

Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.

Ссылки

EPSS

Процентиль: 20%

0.00062

Низкий

CVE ID

Дефекты

CWE-119

Связанные уязвимости

CVE-2008-3389

nvd

больше 17 лет назад

Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.

EPSS

Процентиль: 20%

0.00062

Низкий

CVE ID

Дефекты

CWE-119