7.5

CVE-2003-1023

Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.14% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt
http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833
http://fedoranews.org/updates/FEDORA-2004-058.shtml
http://marc.info/?l=bugtraq&m=108118433222764&w=2
http://rhn.redhat.com/errata/RHSA-2004-034.html
http://rhn.redhat.com/errata/RHSA-2004-035.html
http://secunia.com/advisories/10645
http://secunia.com/advisories/10685
http://secunia.com/advisories/10716
http://secunia.com/advisories/10772
http://secunia.com/advisories/10823
http://secunia.com/advisories/11219
http://secunia.com/advisories/11262
http://secunia.com/advisories/11268
http://secunia.com/advisories/11296
http://secunia.com/advisories/9833
http://security.gentoo.org/glsa/glsa-200403-09.xml
Vendor Advisory
http://www.debian.org/security/2004/dsa-424
http://www.mandriva.com/security/advisories?name=MDKSA-2004:007
http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html
http://www.securityfocus.com/bid/8658
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/13247
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822