Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0526Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

4 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 67.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Solaris
Timeline
PublishedAug 14
Latest updateApr 30

Description

Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDsun/solaris8.0

Patches

Patch: archives.neohapsis.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-7qc5-86ww-mrvw: Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME envir2022-04-30
CVEList
CVE-2001-0526: Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME envir2002-03-09

💥Exploits & PoCs

1
Exploit-DB
Solaris 8 mailtool - Local Buffer Overflow2001-06-01
CVE-2001-0526 — SUN Solaris vulnerability | cvebase