Buffer Overflow in ToolTalk Shared Library Affects Multiple Platforms
CVE-1999-0693

Currently unrated

Key Information:

Vendor: IBM
Status: Aix; HP-ux; Unixware
Vendor: CVE Published:; 2 March 2000

Summary

A buffer overflow vulnerability in the TT_SESSION environment variable of the ToolTalk shared library permits local users to execute arbitrary code with elevated root privileges. This flaw poses significant security risks, allowing unauthorized access to system resources and potential system compromise. It is crucial for organizations to evaluate the presence of this vulnerability in their systems and apply necessary mitigations.

References

http://www.securityfocus.com/bid/641

vdb-entryx_refsource_BID

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=H...

vendor-advisoryx_refsource_HP

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 2, 2000
Vulnerability Reserved
Nov 25, 1999