CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2017

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.7%

CVSS Severity

CVSS v2 Score 10.0

References

http://online.securityfocus.com/archive/1/253183
http://www.iss.net/security_center/static/8024.php
http://www.securityfocus.com/bid/3994
http://online.securityfocus.com/archive/1/253183
http://www.iss.net/security_center/static/8024.php
http://www.securityfocus.com/bid/3994

Products affected by CVE-2002-2017

Sas » Base » Version: 8.0

cpe:2.3:a:sas:base:8.0
Sas » Integration Technologies » Version: 8.0

cpe:2.3:a:sas:integration_technologies:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2017

Products

Pricing

Contact Us