CVE-2000-1004 — MEDIUM (4.6)

Vulnerability Description

Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Openbsd	Openbsd	2.3

References

http://marc.info/?l=bugtraq&m=97068555106135&w=2
http://www.osvdb.org/6123
https://exchange.xforce.ibmcloud.com/vulnerabilities/5336
http://marc.info/?l=bugtraq&m=97068555106135&w=2
http://www.osvdb.org/6123
https://exchange.xforce.ibmcloud.com/vulnerabilities/5336

FAQ

What is CVE-2000-1004?

CVE-2000-1004 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.

How severe is CVE-2000-1004?

CVE-2000-1004 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2000-1004?

Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openbsd.