CVE-2004-1773: Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown…

high7.5CVSS 3.1

AVNACLAuNCPIPAP

Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.

Affected

7 ranges

Vendor	Product	Version range	Fixed in
debian	sharutils	< sharutils 1:4.2.1-12 (bookworm)	sharutils 1:4.2.1-12 (bookworm)
gnu	sharutils	—	—
gnu	sharutils	—	—
gnu	sharutils	>= 0 < 1:4.2.1-12	1:4.2.1-12
gnu	sharutils	>= 0 < 1:4.2.1-12	1:4.2.1-12
gnu	sharutils	>= 0 < 1:4.2.1-12	1:4.2.1-12
gnu	sharutils	>= 0 < 1:4.2.1-12	1:4.2.1-12

CVSS provenance

nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P

osv7.5HIGH