SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-12-15
Updated
2016-10-18
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
Max CVSS
4.3
EPSS Score
2.35%
Published
2003-12-15
Updated
2018-10-30
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-12-01
Updated
2018-05-03
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-10-20
Updated
2022-08-17
4 vulnerabilities found