Vulnerability Name: | CVE-2003-0630 (CCN-12792) | ||||||||||||
Assigned: | 2003-07-31 | ||||||||||||
Published: | 2003-07-31 | ||||||||||||
Updated: | 2016-10-18 | ||||||||||||
Summary: | Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument. | ||||||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||
References: | Source: CCN Type: Atari800 Web site Atari800 Source: CCN Type: Debian Bug report logs - #203707 atari800 allows local root compromise. Source: MITRE Type: CNA CVE-2003-0630 Source: BUGTRAQ Type: UNKNOWN 20030902 GLSA: atari800 (200309-07) Source: DEBIAN Type: Patch, Vendor Advisory DSA-359 Source: DEBIAN Type: DSA-359 atari800 -- buffer overflows Source: CCN Type: Gentoo Linux Security Announcement 200309-07 atari800 Source: CCN Type: OSVDB ID: 2354 Atari800 Multiple Unspecified Local Overflows Source: CCN Type: BID-8322 Multiple Atari800 Emulator Local Buffer Overflow Vulnerabilities Source: XF Type: UNKNOWN atari800-bo(12792) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
Oval Definitions | |||||||||||||
| |||||||||||||
BACK |