CVE-1999-1330 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.2%

top 52.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Linux Redhat Linux

Timeline

PublishedDec 31

Latest updateApr 30

Description

The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDredhat/linux4.2

Also affects: Debian Linux 4.0

🔴Vulnerability Details

GHSA

GHSA-wjfh-w4xm-h36r: The snprintf function in the db library 1↗2022-04-30

▶

CVEList

CVE-1999-1330: The snprintf function in the db library 1↗2002-03-09

▶