VDB
CVE-2004-2731
CVE-2004-2731
PUBLISHED
CVSS 4.400000095367432 MEDIUM
Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.
EPSS 0.14% · 34.1th percentile
Risk Scores
CVSS 2.0
4.400000095367432
EPSS Score
0.14%
34.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| linux | linux_kernel | 2.4.0, 2.4.0, 2.4.0 |
Exploit Intelligence
- 11981 (circl)
- 7345 (circl)
- 1010617 (circl)
- 8363 (circl)
- DSA-1503 (circl)
- 29058 (circl)
- 10632 (circl)
- http://archives.neohapsis.com/archives/bugtraq/2004-06/0463.html (vulncheck-nvd)
- http://www.securiteam.com/unixfocus/5GP0515DFW.html (vulncheck-nvd)
Timeline
- Dec 31, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 29, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- 11981 third-party-advisory
- 7345 vdb
- 1010617 vdb
- 8363 vdb
- 20040629 linux kernel Sbus PROM driver multiple integer overflows mailing-list
- DSA-1503 vendor-advisory
- 29058 third-party-advisory
- http://www.securiteam.com/unixfocus/5GP0515DFW.html url
- 10632 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-2731 advisory