Vulnerabilities > CVE-2005-3279 - Local Security vulnerability in JAN Kybic Bitmap Viewer 1.2

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

jan-kybic

NVD

Published: 2005-10-23

Updated: 2008-09-05

Summary

Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option.

Vulnerable Configurations

Part	Description	Count
Application	Jan_Kybic JAN Kybic Bitmap Viewer 1.2	1

References

http://felinemenace.org/advisories/bmv_advisory.txt