CVE-2003-0630 — HIGH (7.2) — White Hats Nepal

Vulnerability Description

Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Atari800	Atari800	1.0.1

References

http://marc.info/?l=bugtraq&m=106252128221901&w=2
http://www.debian.org/security/2003/dsa-359PatchVendor Advisory
http://marc.info/?l=bugtraq&m=106252128221901&w=2
http://www.debian.org/security/2003/dsa-359PatchVendor Advisory

FAQ

What is CVE-2003-0630?

CVE-2003-0630 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated...

How severe is CVE-2003-0630?

CVE-2003-0630 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0630?

Check the references section above for vendor advisories and patch information. Affected products include: Atari800 Atari800.