VDB
CVE-2002-1317
CVE-2002-1317
PUBLISHED
CVSS 7.5 HIGH
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
EPSS 50.21% · 97.9th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
50.21%
97.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| xfree86_project | x11r6 | 3.3.5, 3.3, 3.3.2 |
| sun | solaris | 9.0, 9.0, 2.5.1 |
| sgi | irix | 6.5.6, 6.5, 6.5.2 |
| hp | hp-ux | 11.11, 10.10, 10.20 |
| sun | sunos | 5.8, 5.7, 5.5.1 |
| n/a | n/a | n/a |
Timeline
- Dec 11, 2002 CVE Published
- Sep 23, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Aug 9, 2023 EPSS Score
References
- HPSBUX0212-228 vendor-advisory
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879 url
- 20021125 ISS Security Brief: Solaris fs.auto Remote Compromise Vulnerability mailing-list
- oval:org.mitre.oval:def:149 vdb
- CA-2002-34 third-party-advisory
- oval:org.mitre.oval:def:152 vdb
- oval:org.mitre.oval:def:2816 vdb
- VU#312313 third-party-advisory
- 20021125 Solaris fs.auto Remote Compromise Vulnerability third-party-advisory
- solaris-fsauto-execute-code(10375) vdb
- 20021202-01-I vendor-advisory
- 6241 vdb
- N-024 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2002-1317 advisory