4.6

CVE-2002-0973

EPSS 0.09%
Published 24.09.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Freebsd ≫ Freebsd Version4.0

Freebsd ≫ Freebsd Version4.1

Freebsd ≫ Freebsd Version4.1.1

Freebsd ≫ Freebsd Version4.1.1 Updaterelease

Freebsd ≫ Freebsd Version4.1.1 Updatestable

Freebsd ≫ Freebsd Version4.2

Freebsd ≫ Freebsd Version4.2 Updatestable

Freebsd ≫ Freebsd Version4.3

Freebsd ≫ Freebsd Version4.3 Updaterelease

Freebsd ≫ Freebsd Version4.3 Updatestable

Freebsd ≫ Freebsd Version4.4

Freebsd ≫ Freebsd Version4.4 Updatestable

Freebsd ≫ Freebsd Version4.5

Freebsd ≫ Freebsd Version4.5 Updaterelease

Freebsd ≫ Freebsd Version4.5 Updatestable

Freebsd ≫ Freebsd Version4.6

Freebsd ≫ Freebsd Version4.6 Updaterelease

Freebsd ≫ Freebsd Version4.6.1 Updaterelease_p10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.225

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=102976839728706&w=2

http://www.iss.net/security_center/static/9903.php

http://www.securityfocus.com/bid/5493

https://nvd.nist.gov/vuln/detail/CVE-2002-0973

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0973

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0973

EUVD