Vulnerability Details : CVE-2003-1236
Potential exploit
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
Vulnerability category: Execute code
Products affected by CVE-2003-1236
- cpe:2.3:a:tanne:tanne:0.6.17:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-1236
27.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-1236
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2003-1236
-
http://www.securityfocus.com/archive/1/305460
Exploit;Patch
-
http://www.securitytracker.com/id?1005900
-
http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2
Patch
-
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0011.html
Exploit;Patch
-
http://www.iss.net/security_center/static/11006.php
-
http://www.securityfocus.com/bid/6553
Exploit;Patch
-
http://www.securityfocus.com/archive/1/305663
Exploit
Jump to