Vulnerability Details CVE-2004-0793
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.3%
CVSS Severity
CVSS v2 Score 7.2
References
Products affected by CVE-2004-0793
-
cpe:2.3:a:debian:bsdmainutils:6.0
-
cpe:2.3:a:debian:bsdmainutils:6.0.1
-
cpe:2.3:a:debian:bsdmainutils:6.0.10
-
cpe:2.3:a:debian:bsdmainutils:6.0.11
-
cpe:2.3:a:debian:bsdmainutils:6.0.12
-
cpe:2.3:a:debian:bsdmainutils:6.0.13
-
cpe:2.3:a:debian:bsdmainutils:6.0.14
-
cpe:2.3:a:debian:bsdmainutils:6.0.2
-
cpe:2.3:a:debian:bsdmainutils:6.0.3
-
cpe:2.3:a:debian:bsdmainutils:6.0.4
-
cpe:2.3:a:debian:bsdmainutils:6.0.5
-
cpe:2.3:a:debian:bsdmainutils:6.0.6
-
cpe:2.3:a:debian:bsdmainutils:6.0.7
-
cpe:2.3:a:debian:bsdmainutils:6.0.8
-
cpe:2.3:a:debian:bsdmainutils:6.0.9