CVE-2004-1773

critical

Description

Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11093

https://bugzilla.fedora.us/show_bug.cgi?id=2155

http://www.securityfocus.com/bid/11298

http://www.redhat.com/support/errata/RHSA-2005-377.html

http://security.gentoo.org/glsa/glsa-200410-01.xml

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics