Detections
Analytics

CVE-2003-1236

critical

Description

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

References

http://www.securitytracker.com/id?1005900

http://www.iss.net/security_center/static/11006.php

http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2

http://secunia.com/advisories/7831

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2008-09-05

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical