Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0369 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

5 documents4 sources
Severity
7.2HIGHNVD
EPSS
1.1%
top 22.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedFeb 1
Latest updateApr 30

Description

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

â–¶NVDsun/sunos9 versions+8
â–¶NVDsun/solaris4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-q8rf-j665-q782: The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access↗2022-04-30
â–¶
CVEList
CVE-1999-0369: The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access↗1999-09-29
â–¶

💥Exploits & PoCs

2
Exploit-DB
DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow↗2001-03-19
â–¶
Exploit-DB
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation↗1998-10-23
â–¶
CVE-1999-0369 — SUN Solaris vulnerability | cvebase