CVE-2003-0028
Description
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
56.051
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in hp-ux 11.22 | NCM |
| Vulnerabilities CVE-2002-1668 ,CVE-2003-0028 ,CVE-2003-0161 ,CVE-2004-1332 are affected in hp-ux_series_700 10.20 | NCM |
| Vulnerabilities CVE-2002-1668 ,CVE-2003-0028 ,CVE-2003-0161 ,CVE-2004-1332 are affected in hp-ux_series_800 10.20 | NCM |
| CVE-2003-0028 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234