Follow @discotekdotca
CVE-2003-0071
Current Description
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
| Referenced by CVEs: | CVE-2008-2383 |
Basic Data
| Published | March 03, 2003 |
|---|---|
| Last Modified | October 18, 2016 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | NVD-CWE-Other |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:L/AC:L/Au:N/C:N/I:N/A:P |
| CVSS 2 - Access Vector | LOCAL |
| CVSS 2 - Access Complexity | LOW |
| CVSS 2 - Authentication | NONE |
| CVSS 2 - Confidentiality Impact | NONE |
| CVSS 2 - Availability Impact | PARTIAL |
| CVSS 2 - Base Score | 2.1 |
| Severity | LOW |
| Exploitability Score | 3.9 |
| Impact Score | 2.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Application Xfree86 Project X11r6 4.0 * * * * * * * � � � � 2.3 Application Xfree86 Project X11r6 4.0.1 * * * * * * * � � � � 2.3 Application Xfree86 Project X11r6 4.0.3 * * * * * * * � � � � 2.3 Application Xfree86 Project X11r6 4.1.0 * * * * * * * � � � � 2.3 Application Xfree86 Project X11r6 4.2.0 * * * * * * * � � � � 2.3 Application Xfree86 Project X11r6 4.2.1 * * * * * * * � � � �
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Xfree86 Project | X11r6 | 4.0, 4.0.1, 4.0.3, 4.1.0, 4.2.0, 4.2.1 |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| 20030224 Terminal Emulator Security Issues | http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html | VULNWATCH | Vendor Advisory |
| 20030224 Terminal Emulator Security Issues | http://marc.info/?l=bugtraq&m=104612710031920&w=2 | BUGTRAQ | |
| DSA-380 | http://www.debian.org/security/2003/dsa-380 | DEBIAN | |
| terminal-emulator-dec-udk(11415) | http://www.iss.net/security_center/static/11415.php | XF | Vendor Advisory |
| RHSA-2003:064 | http://www.redhat.com/support/errata/RHSA-2003-064.html | REDHAT | |
| RHSA-2003:065 | http://www.redhat.com/support/errata/RHSA-2003-065.html | REDHAT | |
| RHSA-2003:066 | http://www.redhat.com/support/errata/RHSA-2003-066.html | REDHAT | |
| RHSA-2003:067 | http://www.redhat.com/support/errata/RHSA-2003-067.html | REDHAT | |
| 6950 | http://www.securityfocus.com/bid/6950 | BID |