CVE-2003-0630

Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=106252128221901&w=2
http://www.debian.org/security/2003/dsa-359	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:atari800:atari800:1.0.1:::::::*
	cpe:2.3:o:atari800:atari800:1.0.2:::::::*
	cpe:2.3:o:atari800:atari800:1.0.3:::::::*
	cpe:2.3:o:atari800:atari800:1.0.4:::::::*
	cpe:2.3:o:atari800:atari800:1.0.5:::::::*
	cpe:2.3:o:atari800:atari800:1.0.6:::::::*
	cpe:2.3:o:atari800:atari800:1.0.7:::::::*
	cpe:2.3:o:atari800:atari800:1.2:::::::*
	cpe:2.3:o:atari800:atari800:1.2.1:::::::*
	cpe:2.3:o:atari800:atari800:1.2.1_pre0:::::::*
	cpe:2.3:o:atari800:atari800:1.2.2:::::::*

History

No history.

Information

Published : 2003-10-20 04:00

Updated : 2024-02-04 16:31

NVD link : CVE-2003-0630

Mitre link : CVE-2003-0630

CVE.ORG link : CVE-2003-0630

JSON object : View

Products Affected

atari800

atari800

CWE

NVD-CWE-Other

{"id": "CVE-2003-0630", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-10-20T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=106252128221901&w=2", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2003/dsa-359", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument."}], "lastModified": "2016-10-18T02:36:06.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:atari800:atari800:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "769107FA-4586-498C-966C-D523055314B0"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "165763E0-31F8-49A1-821B-E1DEE139D0F5"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16C91B3F-09E3-496E-90E7-70C00C910853"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C2A8423-45C1-4A30-939A-753001E46932"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C69DFD2-384F-469C-BEC0-488CBB951463"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A6FAAB4-274B-445D-8C6A-087585CC4555"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDE82911-62DC-4F99-A339-9F14E4161ADD"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6065340-2FC8-4F76-A3E5-58750CCBFEB6"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AE91B88-16E7-4FD2-B631-8FD78FB84094"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.2.1_pre0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F784155F-5351-4934-880B-9915A40B2DAC"}, {"criteria": "cpe:2.3:o:atari800:atari800:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E2EA194-75F8-45CD-B21E-AA7A843AD289"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}