Vulnerabilities > CVE-2003-0834 - Local Buffer Overflow vulnerability in SCO Open Unix and Unixware

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
sco
exploit available
NVD
Published: 2003-12-01
Updated: 2018-05-03

Summary

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.

Vulnerable Configurations

Part Description Count
OS
Sco
3

Exploit-Db

  • descriptionSolaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation. CVE-2003-0834. Local exploit for Solaris platform
    idEDB-ID:40729
    last seen2016-11-09
    modified2004-12-04
    published2004-12-04
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/40729/
    titleSolaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
  • descriptionSolaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation. CVE-2003-0834. Local exploit for Solaris platform
    idEDB-ID:40728
    last seen2016-11-09
    modified2004-12-04
    published2004-12-04
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/40728/
    titleSolaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation

Oval

accepted2005-06-29T06:49:00.000-04:00
classvulnerability
contributors
  • nameBrian Soby
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
descriptionBuffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
familyunix
idoval:org.mitre.oval:def:5141
statusaccepted
submitted2005-01-19T12:00:00.000-04:00
titleCDE libDtHelp Buffer Overflow
version36

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:62957
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-62957
    titleSolaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow Exploit (2)
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:9100
    last seen2017-11-19
    modified2008-07-16
    published2008-07-16
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-9100
    titleSolaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:5359
    last seen2017-11-19
    modified2006-10-28
    published2006-10-28
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-5359
    titleSolaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit (2)

References