Overview
The HP Tru64 UNIX implementation of "mailcv" contains a locally exploitable buffer overflow.
Description
"mailcv" converts dxmail style folders to UNIX style folders. A locally exploitable buffer overflow in "mailcv" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. |
Impact
A local user may be able to gain elevated privileges and execute arbitrary code. |
Solution
Apply a patch. |
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
Thanks to KF for reporting this vulnerability.
This document was written by Ian A Finlay.
Other Information
CVE IDs: | None |
Severity Metric: | 7.50 |
Date Public: | 2002-08-30 |
Date First Published: | 2002-09-13 |
Date Last Updated: | 2002-09-13 13:45 UTC |
Document Revision: | 5 |