CVE-2002-0246

Опубликовано: 29 мая 2002

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.

Ссылки

ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/255414
Exploit
Vendor Advisory
http://www.iss.net/security_center/static/8113.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4060
ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/255414
Exploit
Vendor Advisory
http://www.iss.net/security_center/static/8113.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4060

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:caldera:unixware:7.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00238

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4fhx-m3mx-qm88

github

почти 4 года назад