CVE-2003-0102

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
Configurations

Configuration 1

OR
cpe:2.3:a:file:file:3.28:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.30:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.32:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.33:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.34:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.35:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.36:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.37:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.39:*:*:*:*:*:*:*
cpe:2.3:a:file:file:3.40:*:*:*:*:*:*:*

Configuration 2

OR
cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*

History

20 Nov 2024, 23:43

Type | Values Removed | Values Added
References | () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc - | () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc -
References | () http://lwn.net/Alerts/34908/ - | () http://lwn.net/Alerts/34908/ -
References | () http://marc.info/?l=bugtraq&m=104680706201721&w=2 - | () http://marc.info/?l=bugtraq&m=104680706201721&w=2 -
References | () http://www.debian.org/security/2003/dsa-260 - | () http://www.debian.org/security/2003/dsa-260 -
References | () http://www.idefense.com/advisory/03.04.03.txt - Exploit, Patch, Vendor Advisory | () http://www.idefense.com/advisory/03.04.03.txt - Exploit, Patch, Vendor Advisory
References | () http://www.kb.cert.org/vuls/id/611865 - US Government Resource | () http://www.kb.cert.org/vuls/id/611865 - US Government Resource
References | () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030 - | () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030 -
References | () http://www.novell.com/linux/security/advisories/2003_017_file.html - | () http://www.novell.com/linux/security/advisories/2003_017_file.html -
References | () http://www.redhat.com/support/errata/RHSA-2003-086.html - | () http://www.redhat.com/support/errata/RHSA-2003-086.html -
References | () http://www.redhat.com/support/errata/RHSA-2003-087.html - | () http://www.redhat.com/support/errata/RHSA-2003-087.html -
References | () http://www.securityfocus.com/bid/7008 - Patch, Vendor Advisory | () http://www.securityfocus.com/bid/7008 - Patch, Vendor Advisory
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11469 - | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11469 -

Information

Published : 2003-03-18 05:00

Updated : 2024-11-20 23:43


NVD link : CVE-2003-0102

Mitre link : CVE-2003-0102

CVE.ORG link : CVE-2003-0102



Products Affected

netbsd

  • netbsd

file

  • file