CVE-2002-1317

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-1317
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541 Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=103825150527843&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879
http://www.cert.org/advisories/CA-2002-34.html Third Party Advisory US Government Resource
http://www.ciac.org/ciac/bulletins/n-024.shtml
http://www.iss.net/security_center/static/10375.php Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/312313 US Government Resource
http://www.securityfocus.com/advisories/4988
http://www.securityfocus.com/bid/6241 Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816
ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541 Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=103825150527843&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879
http://www.cert.org/advisories/CA-2002-34.html Third Party Advisory US Government Resource
http://www.ciac.org/ciac/bulletins/n-024.shtml
http://www.iss.net/security_center/static/10375.php Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/312313 US Government Resource
http://www.securityfocus.com/advisories/4988
http://www.securityfocus.com/bid/6241 Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
History

20 Nov 2024, 23:41

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I - () ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I -
References () http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541 - Patch, Vendor Advisory () http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541 - Patch, Vendor Advisory
References () http://marc.info/?l=bugtraq&m=103825150527843&w=2 - () http://marc.info/?l=bugtraq&m=103825150527843&w=2 -
References () http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879 - () http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879 -
References () http://www.cert.org/advisories/CA-2002-34.html - Third Party Advisory, US Government Resource () http://www.cert.org/advisories/CA-2002-34.html - Third Party Advisory, US Government Resource
References () http://www.ciac.org/ciac/bulletins/n-024.shtml - () http://www.ciac.org/ciac/bulletins/n-024.shtml -
References () http://www.iss.net/security_center/static/10375.php - Patch, Vendor Advisory () http://www.iss.net/security_center/static/10375.php - Patch, Vendor Advisory
References () http://www.kb.cert.org/vuls/id/312313 - US Government Resource () http://www.kb.cert.org/vuls/id/312313 - US Government Resource
References () http://www.securityfocus.com/advisories/4988 - () http://www.securityfocus.com/advisories/4988 -
References () http://www.securityfocus.com/bid/6241 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/6241 - Patch, Vendor Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A149 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A152 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2816 -
Information

Published : 2002-12-11 05:00

Updated : 2024-11-20 23:41

NVD link : CVE-2002-1317

Mitre link : CVE-2002-1317

CVE.ORG link : CVE-2002-1317

JSON object : View

Products Affected

sun

  • sunos
  • solaris

sgi

  • irix

xfree86_project

  • x11r6

hp

  • hp-ux
CWE
NVD-CWE-Other