8.4

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Data GeneralDg Ux Version1.0
Data GeneralDg Ux Version2.0
Data GeneralDg Ux Version3.0
Data GeneralDg Ux Version4.0
Data GeneralDg Ux Version5.0
Data GeneralDg Ux Version6.0
Data GeneralDg Ux Version7.0
SgiIrix Version5.0
SgiIrix Version5.0.1
SgiIrix Version5.1
SgiIrix Version5.1.1
SgiIrix Version5.2
SgiIrix Version5.3
SgiIrix Version5.3 Editionxfs
SgiIrix Version6.0
SgiIrix Version6.0.1
SgiIrix Version6.0.1 Editionxfs
SgiIrix Version6.1
SgiIrix Version6.3
SgiIrix Version6.4
BsdiBsd Os Version2.1
DebianDebian Linux Version0.93
DebianDebian Linux Version1.1
DebianDebian Linux Version1.2
DebianDebian Linux Version1.3
HpHp-ux Version10.00
HpHp-ux Version10.01
HpHp-ux Version10.08
HpHp-ux Version10.10
HpHp-ux Version10.16
HpHp-ux Version10.20
HpHp-ux Version10.24
HpHp-ux Version10.30
HpHp-ux Version10.34
IbmAix Version3.2
IbmAix Version4.1
IbmAix Version4.2
SunSolaris Version2.4 Editionx86
SunSolaris Version2.5 Editionx86
SunSolaris Version2.5.1 Editionppc
SunSolaris Version2.5.1 Editionx86
SunSunos Version5.3
SunSunos Version5.4
SunSunos Version5.5
SunSunos Version5.5.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.268
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.4 2.5 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.