Oval Definition:oval:org.mitre.oval:def:5141
Revision Date:2005-06-29Version:17
Title:CDE libDtHelp Buffer Overflow
Description:Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0834
Platform(s):Sun Solaris 7
Sun Solaris 8
Sun Solaris 9
Product(s):Common Desktop Environment
Definition Synopsis
  • Solaris 7,8,or 9 installed
  • Solaris 8 Installed
  • OR Solaris 7 Installed
  • OR Solaris 9 Installed
  • AND CDE Application Runtime or CDE Separable Help (any SUNWdtbas/SUNWdtbax/SUNWdthep) installed
  • CDE application basic runtime environment (SUNWdtbas/SUNWdtbax) installed
  • OR Separable help for CDE (SUNWdthep) installed
  • AND NOT Patch 107178-03 or later installed
  • AND NOT Patch 108949-08 or later installed
  • AND NOT Patch 116308-01 or later installed
    • BACK