Описание
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:raydium:raydium:svn_revision_283:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_284:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_285:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_286:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_287:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_288:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_289:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_290:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_291:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_292:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_293:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_294:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_295:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_296:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_297:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_298:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_299:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_300:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_301:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_302:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_303:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_304:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_305:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_306:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_307:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_308:*:*:*:*:*:*:*
cpe:2.3:a:raydium:raydium:svn_revision_309:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00242
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-134
Связанные уязвимости
github
больше 3 лет назад
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
EPSS
Процентиль: 47%
0.00242
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-134