CVE-2004-0368

CWE-119 — Buffer Overflow3 documents3 sources

Severity

10.0CRITICAL

EPSS

56.6%

top 1.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX Open Group CDE Common Desktop Environment XI Graphics Dextop

Timeline

PublishedMay 4

Latest updateMay 3

Description

Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDibm/aix4.3.3, 5.1, 5.2+2

▶NVDxi_graphics/dextop2.1, 3.0+1

▶NVDopen_group/cde_common_desktop_environment7 versions+6

🔴Vulnerability Details

GHSA

GHSA-x2m8-j98q-33px: Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a cra↗2022-05-03

▶

CVEList

CVE-2004-0368: Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a cra↗2004-03-25

▶