CVE-2003-1287
published 2003-12-31
CVE-2003-1287: Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl…
Priority P419 · medium · 4.6 (CVSS 2.0)
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.42% (33.4th percentile)
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
CVSS provenance
nvd · v2.0 · 4.6 MEDIUM · AV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat · 4.3 MEDIUM
GHSA
GHSA-p887-wgc2-jm3q: Sambar Server before 6
ghsa_unreviewed·2022-04-29
CVE-2003-1287 [MEDIUM] GHSA-p887-wgc2-jm3q: Sambar Server before 6
Red Hat
postgresql: PostgreSQL oidvector discloses a few bytes of memory
vendor_redhat·2026-02-12·CVSS 4.3
CVE-2026-2003 [MEDIUM] CWE-1287 postgresql: PostgreSQL oidvector discloses a few bytes of memory
Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.
A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Secu
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.html
http://secunia.com/advisories/9578
http://securitytracker.com/id?1007819
http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
http://www.osvdb.org/5781
http://www.sambar.com/security.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/16059