Vulnerability Details : CVE-2002-1617
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
Vulnerability category: Execute code
Products affected by CVE-2002-1617
- cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-1617
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1617
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2002-1617
-
http://www.securityfocus.com/archive/1/290115
Vendor Advisory
-
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Exploit
-
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Exploit
-
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Exploit
-
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
-
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Exploit
Jump to