CVE-2003-0972
Published Dec 15, 2003
Last updated 8 years ago
Overview
- Description
- Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B90A768-2B20-49E6-949B-F9E3EBEA3CDA"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DAABD8C-EC21-4471-8BF3-13A752BB09DC"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "883C30DF-F5A5-4452-A343-B101E1E30691"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44F58668-CFB1-46CA-B133-CA8345FE5E7E"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43417611-8539-4625-83A0-4D770A969FF6"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C7B9362-8543-4A15-924B-0E2543BCA6DC"
},
{
"criteria": "cpe:2.3:a:gnu:screen:3.9.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB57F818-A570-4CD7-A54A-CDE89806176E"
},
{
"criteria": "cpe:2.3:a:gnu:screen:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4345D52-2904-4524-A76D-E8B0B08FE2A5"
}
],
"operator": "OR"
}
]
}
]