CVE-2003-1359 : Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command

Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.

Published 2003-12-31 05:00:00

Updated 2017-10-11 01:29:19

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Exploit prediction scoring system (EPSS) score for CVE-2003-1359

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2003-1359

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2003-1359

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2003-1359

Products affected by CVE-2003-1359

HP » Hp-ux » Version: 11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.01
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.34
cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.10
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.16
cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.24
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.30
cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.00
cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.08
cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.09
cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.26
cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.04
cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.0.4
cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.20
cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.22
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
Matching versions
Avaya » Predictive Dialer System » Version: 12
cpe:2.3:a:avaya:predictive_dialer_system:12:*:*:*:*:*:*:*
Matching versions
Avaya » Predictive Dialer System » Version: 9.0
cpe:2.3:a:avaya:predictive_dialer_system:9.0:*:*:*:*:*:*:*
Matching versions
Avaya » Predictive Dialer System » Version: 11
cpe:2.3:a:avaya:predictive_dialer_system:11:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2003-1359

Exploit prediction scoring system (EPSS) score for CVE-2003-1359

CVSS scores for CVE-2003-1359

CWE ids for CVE-2003-1359

References for CVE-2003-1359

Products affected by CVE-2003-1359