CVE-2003-0630

Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.debian.org/security/2003/dsa-359	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=106252128221901&w=2

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:atari800:atari800:1.0.1:::::::*
	cpe:2.3:o:atari800:atari800:1.2.1:::::::*
	cpe:2.3:o:atari800:atari800:1.2.1_pre0:::::::*
	cpe:2.3:o:atari800:atari800:1.0.7:::::::*
	cpe:2.3:o:atari800:atari800:1.2:::::::*
	cpe:2.3:o:atari800:atari800:1.0.2:::::::*
	cpe:2.3:o:atari800:atari800:1.0.3:::::::*
	cpe:2.3:o:atari800:atari800:1.0.4:::::::*
	cpe:2.3:o:atari800:atari800:1.2.2:::::::*
	cpe:2.3:o:atari800:atari800:1.0.5:::::::*
	cpe:2.3:o:atari800:atari800:1.0.6:::::::*

Information

Published : 2003-10-19 21:00

Updated : 2016-10-17 19:36

NVD link : CVE-2003-0630

Mitre link : CVE-2003-0630

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

atari800

atari800

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.debian.org/security/2003/dsa-359", "name": "DSA-359", "tags": ["Patch", "Vendor Advisory"], "refsource": "DEBIAN"}, {"url": "http://marc.info/?l=bugtraq&m=106252128221901&w=2", "name": "20030902 GLSA: atari800 (200309-07)", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2003-0630", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2003-10-20T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.2.1_pre0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:atari800:atari800:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-10-18T02:36Z"}