Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2099

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-2099
Last Modified 05 Sep 2008 04:32:19
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-2099

Summary

Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE.

Vulnerable Systems

Application

  • Gnu Data Display Debugger 3.3.1


References

XF - ddd-home-bo(7979)

SECTRACK - 1003241


Last Updated: 27 May 2016 10:37:36