Open Unix
by SCO Group
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0834 | 0.03 | — | 0.01 | Dec 1, 2003 | Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | |||
| CVE-2003-0937 | 0.00 | — | 0.00 | Dec 15, 2003 | SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open… | |||
| CVE-2002-1998 | 0.00 | — | 0.03 | Dec 31, 2002 | Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||
| CVE-2002-1323 | 0.00 | — | 0.00 | Dec 11, 2002 | Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||
| CVE-2002-1231 | 0.00 | — | 0.00 | Nov 4, 2002 | SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. | |||
| CVE-2002-0988 | 0.00 | — | 0.02 | Sep 24, 2002 | Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | |||
| CVE-2001-1579 | 0.00 | — | 0.01 | Dec 31, 2001 | The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. |
- CVE-2003-0834Dec 1, 2003risk 0.03cvss —epss 0.01
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
- CVE-2003-0937Dec 15, 2003risk 0.00cvss —epss 0.00
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open…
- CVE-2002-1998Dec 31, 2002risk 0.00cvss —epss 0.03
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
- CVE-2002-1323Dec 11, 2002risk 0.00cvss —epss 0.00
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
- CVE-2002-1231Nov 4, 2002risk 0.00cvss —epss 0.00
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
- CVE-2002-0988Sep 24, 2002risk 0.00cvss —epss 0.02
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
- CVE-2001-1579Dec 31, 2001risk 0.00cvss —epss 0.01
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.