CVE-2004-0109

high

Description

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A940

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10733

https://exchange.xforce.ibmcloud.com/vulnerabilities/15866

http://www.turbolinux.com/security/2004/TLSA-2004-14.txt

http://www.securityfocus.com/bid/10141

http://www.redhat.com/support/errata/RHSA-2004-183.html

http://www.redhat.com/support/errata/RHSA-2004-106.html

http://www.redhat.com/support/errata/RHSA-2004-105.html

http://www.novell.com/linux/security/advisories/2004_09_kernel.html

http://www.mandriva.com/security/advisories?name=MDKSA-2004:029

http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html

http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities

http://www.debian.org/security/2004/dsa-495

http://www.debian.org/security/2004/dsa-491

http://www.debian.org/security/2004/dsa-489

http://www.debian.org/security/2004/dsa-482

http://www.debian.org/security/2004/dsa-481

http://www.debian.org/security/2004/dsa-480

http://www.debian.org/security/2004/dsa-479

http://www.ciac.org/ciac/bulletins/o-127.shtml

http://www.ciac.org/ciac/bulletins/o-121.shtml

http://security.gentoo.org/glsa/glsa-200407-02.xml

http://secunia.com/advisories/12003

http://secunia.com/advisories/11986

http://secunia.com/advisories/11891

http://secunia.com/advisories/11861

http://secunia.com/advisories/11626

http://secunia.com/advisories/11518

http://secunia.com/advisories/11494

http://secunia.com/advisories/11486

http://secunia.com/advisories/11470

http://secunia.com/advisories/11469

http://secunia.com/advisories/11464

http://secunia.com/advisories/11429

http://secunia.com/advisories/11373

http://secunia.com/advisories/11362

http://secunia.com/advisories/11361

http://rhn.redhat.com/errata/RHSA-2004-166.html

http://marc.info/?l=bugtraq&m=108213675028441&w=2

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

Details

Source: Mitre, NVD

Published: 2004-06-01

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High