CVE Vulnerabilities

CVE-2004-1916

Published: Apr 08, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to execute arbitrary code via (1) a long invalid command to parse_all_client_messages function, or (2) long argv command to test_func_func function.

Affected Software

Name Vendor Start Version End Version
Lcdproc Lcdproc 0.3 0.3
Lcdproc Lcdproc 0.4 0.4
Lcdproc Lcdproc 0.4.1_r1 0.4.1_r1
Lcdproc Lcdproc 4.0 4.0
Lcdproc Lcdproc 4.1 4.1
Lcdproc Lcdproc 4.2 4.2
Lcdproc Lcdproc 4.3 4.3
Lcdproc Lcdproc 4.4 4.4

References