PT-2003-1530 · Slocate · Slocate

Bazarr

Published

2003-05-22

Updated

2016-10-18

CVE-2003-0326

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: slocate (affected versions not specified)

Description: The issue is related to an integer overflow in the parse decode path() function of slocate. This overflow can occur when a LOCATE PATH with a large number of ":" (colon) characters is used, as the count of these characters is utilized in a call to malloc(). This could potentially allow attackers to execute arbitrary code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0326

Affected Products

Slocate

PT-2003-1530 · Slocate · Slocate

CVE-2003-0326

Related Identifiers

Affected Products

References · 3