CVE-2002-0175

Sažetak

libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html
http://online.securityfocus.com/archive/1/263121
http://www.iss.net/security_center/static/8593.php
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php
http://www.securityfocus.com/bid/4326

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-09-2008 - 00:00

Objavljeno

22-04-2002 - 04:00