Vulnerability Details CVE-2004-0450
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.09
EPSS Ranking 92.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://felinemenace.org/~jaguar/advisories/log2mail.txt
- http://osvdb.org/6711
- http://secunia.com/advisories/11768
- http://secunia.com/advisories/11769
- http://www.debian.org/security/2004/dsa-513
- http://www.securityfocus.com/bid/10460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16311
- http://felinemenace.org/~jaguar/advisories/log2mail.txt
- http://osvdb.org/6711
- http://secunia.com/advisories/11768
- http://secunia.com/advisories/11769
- http://www.debian.org/security/2004/dsa-513
- http://www.securityfocus.com/bid/10460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16311
Products affected by CVE-2004-0450
-
cpe:2.3:a:log2mail:log2mail:0.2.2.2
-
cpe:2.3:a:log2mail:log2mail:0.2.5.0
-
cpe:2.3:a:log2mail:log2mail:0.2.5.1
-
cpe:2.3:a:log2mail:log2mail:0.2.5.2