Vulnerabilities (CVE)

Filtered by vendor Sco Subscribe
Filtered by product Open Unix
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0937 1 Sco 2 Open Unix, Unixware 2024-11-20 4.6 MEDIUM N/A
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
CVE-2003-0834 1 Sco 2 Open Unix, Unixware 2024-11-20 7.2 HIGH N/A
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
CVE-2002-1998 1 Sco 2 Open Unix, Unixware 2024-11-20 7.5 HIGH N/A
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).
CVE-2002-1323 5 Redhat, Safe.pm, Sco and 2 more 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more 2024-11-20 4.6 MEDIUM N/A
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
CVE-2001-1579 1 Sco 2 Open Unix, Unixware 2024-11-20 5.0 MEDIUM N/A
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.