Vulnerabilities > CVE-2004-0800 - Local Command Line Format String vulnerability in Sun DtMail
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 | |
| Application | 1 | |
| OS | 4 |
Oval
| accepted | 2004-12-09T08:46:00.000-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:4030 | ||||
| status | accepted | ||||
| submitted | 2004-10-19T03:09:00.000-04:00 | ||||
| title | DtMail Local Command Line Format String Vulnerability | ||||
| version | 35 |
References
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57627
- http://www.ciac.org/ciac/bulletins/o-202.shtml
- http://www.idefense.com/application/poi/display?id=132&type=vulnerabilities
- http://www.kb.cert.org/vuls/id/928598
- http://www.securityfocus.com/bid/11027
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17095
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4030