1.1.0

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

curtis-hawthorne

NVD

Published: 2005-12-23

Updated: 2017-07-20

Summary

Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls.

Vulnerable Configurations

Part	Description	Count
Application	Curtis_Hawthorne Curtis Hawthorne Tn3270 Resource Gateway 1.0.0 Curtis Hawthorne Tn3270 Resource Gateway 1.0.1 Curtis Hawthorne Tn3270 Resource Gateway 1.1.0	3

References

http://secunia.com/advisories/18185
http://sourceforge.net/project/shownotes.php?release_id=379592
http://www.vupen.com/english/advisories/2005/3057
https://exchange.xforce.ibmcloud.com/vulnerabilities/23883