本ページは sco open_unix に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2003-0937 | SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. | [email protected] | 4.6 | 0.38% | 2003-12-15 | 2026-06-16 |
| CVE-2003-0834 | Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | [email protected] | 7.2 | 1.22% | 2003-12-01 | 2026-06-16 |
| CVE-2002-1998 | Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | [email protected] | 7.5 | 2.52% | 2002-12-31 | 2026-06-16 |
| CVE-2002-1323 | Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | [email protected] | 4.6 | 0.46% | 2002-12-11 | 2026-06-16 |
| CVE-2001-1579 | The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. | [email protected] | 5.0 | 1.24% | 2001-12-31 | 2026-06-16 |