CVE-2002-0218

Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sas:sas_base:8.0:*:*:*:*:*:*:*
cpe:2.3:a:sas:sas_base:8.1:*:*:*:*:*:*:*
cpe:2.3:a:sas:sas_integration_technologies:8.0:*:*:*:*:*:*:*
cpe:2.3:a:sas:sas_integration_technologies:8.1:*:*:*:*:*:*:*

History

20 Nov 2024, 23:38

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html - Vendor Advisory () http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html - Vendor Advisory
References () http://online.securityfocus.com/archive/1/252847 - () http://online.securityfocus.com/archive/1/252847 -
References () http://online.securityfocus.com/archive/1/252891 - Vendor Advisory () http://online.securityfocus.com/archive/1/252891 - Vendor Advisory
References () http://www.iss.net/security_center/static/8018.php - Patch () http://www.iss.net/security_center/static/8018.php - Patch
References () http://www.sas.com/service/techsup/unotes/SN/004/004201.html - Patch, Vendor Advisory () http://www.sas.com/service/techsup/unotes/SN/004/004201.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/3980 - () http://www.securityfocus.com/bid/3980 -

Information

Published : 2002-05-16 04:00

Updated : 2024-11-20 23:38


NVD link : CVE-2002-0218

Mitre link : CVE-2002-0218

CVE.ORG link : CVE-2002-0218


JSON object : View

Products Affected

sas

  • sas_base
  • sas_integration_technologies