CVE-2003-0099 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Apcupsd

5 documents5 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 68.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apcupsd Debian Apcupsd APC Apcupsd

Timeline

PublishedMar 3

Latest updateMay 3

Description

Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/apcupsd< apcupsd 3.8.5-1.2 (bookworm)

▶Debianapcupsd/apcupsd< 3.8.5-1.2+3

▶NVDapc/apcupsd3.8.5

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-26pm-xqvm-vjf3: Multiple buffer overflows in apcupsd before 3↗2022-05-03

▶

OSV

CVE-2003-0099: Multiple buffer overflows in apcupsd before 3↗2003-03-03

▶

💥Exploits & PoCs

Exploit-DB

Valdersoft Shopping Cart 3.0 - Remote Command Execution↗2006-01-03

▶

📋Vendor Advisories

Debian

CVE-2003-0099: apcupsd - Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may...↗2003

▶