Vulnerability Details CVE-2004-1917
Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 89.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html
- http://marc.info/?l=bugtraq&m=108146376315229&w=2
- http://secunia.com/advisories/11333
- http://security.gentoo.org/glsa/glsa-200404-19.xml
- http://www.securityfocus.com/bid/10085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15817
- http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html
- http://marc.info/?l=bugtraq&m=108146376315229&w=2
- http://secunia.com/advisories/11333
- http://security.gentoo.org/glsa/glsa-200404-19.xml
- http://www.securityfocus.com/bid/10085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15817
Products affected by CVE-2004-1917
-
cpe:2.3:a:lcdproc:lcdproc:0.3
-
cpe:2.3:a:lcdproc:lcdproc:0.4
-
cpe:2.3:a:lcdproc:lcdproc:0.4.1_r1
-
cpe:2.3:a:lcdproc:lcdproc:4.0
-
cpe:2.3:a:lcdproc:lcdproc:4.1
-
cpe:2.3:a:lcdproc:lcdproc:4.2
-
cpe:2.3:a:lcdproc:lcdproc:4.3
-
cpe:2.3:a:lcdproc:lcdproc:4.4