CVE Vulnerabilities

CVE-2003-0289

Published: Jun 16, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.

Affected Software

Name Vendor Start Version End Version
Cdrecord Cdrtools 1.11 (including) 1.11 (including)
Cdrecord Cdrtools 2.0 (including) 2.0 (including)

References