CVE-2003-0333Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Hp-ux

3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 57.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Hp-ux
Timeline
PublishedMay 19
Latest updateApr 29

Description

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDhp/hp-ux10.20, 11.00+1

🔴Vulnerability Details

2
GHSA
GHSA-c6w7-f575-7q9f: Multiple buffer overflows in kermit in HP-UX 102022-04-29
CVEList
CVE-2003-0333: Multiple buffer overflows in kermit in HP-UX 102003-05-23
CVE-2003-0333 — HP Hp-ux vulnerability | cvebase