Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1014 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

4 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

0.3%

top 43.02%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedSep 13

Latest updateApr 30

Description

Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

GHSA

GHSA-wjjj-fm3r-rj8h: Buffer overflow in mail command in Solaris 2↗2022-04-30

▶

CVEList

CVE-1999-1014: Buffer overflow in mail command in Solaris 2↗2002-03-09

▶

Exploit-DB

Solaris 7.0 /usr/bin/mail - '-m' Local Buffer Overflow↗1999-09-12

▶