CVE-2008-3940

CWE-134Uncontrolled Format String3 documents3 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 75.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Openvms
Timeline
PublishedSep 5
Latest updateMay 2

Description

Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages1 packages

NVDhp/openvms5

🔴Vulnerability Details

2
GHSA
GHSA-8r3h-pvpj-hhcg: Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 52022-05-02
CVEList
CVE-2008-3940: Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 52008-09-05
CVE-2008-3940 (MEDIUM CVSS 4.4) | Format string vulnerability in the | cvebase.io