7.2

CVE-2002-1420

Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenbsd Version3.0
OpenbsdOpenbsd Version3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.33% 0.245
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=102918817012863&w=2
http://www.iss.net/security_center/static/9809.php
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/259787
US Government Resource
http://www.osvdb.org/7554
http://www.securityfocus.com/bid/5442
Patch
Vendor Advisory