Vulnerability Details CVE-2001-0920
Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.7%
CVSS Severity
CVSS v2 Score 6.2
References
- http://and.sourceforge.net/
- http://marc.info/?l=bugtraq&m=100680319004162&w=2
- http://www.securityfocus.com/bid/3580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7606
- http://and.sourceforge.net/
- http://marc.info/?l=bugtraq&m=100680319004162&w=2
- http://www.securityfocus.com/bid/3580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7606
Products affected by CVE-2001-0920
-
cpe:2.3:a:patrick_schemitz:autonice_daemon:1.0.0
-
cpe:2.3:a:patrick_schemitz:autonice_daemon:1.0.1
-
cpe:2.3:a:patrick_schemitz:autonice_daemon:1.0.2
-
cpe:2.3:a:patrick_schemitz:autonice_daemon:1.0.3
-
cpe:2.3:a:patrick_schemitz:autonice_daemon:1.0.4