Integer Overflow Vulnerability in XDR Libraries Affecting Multiple Vendors
CVE-2003-0028

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
25 March 2003

Summary

A vulnerability exists in the xdrmem_getbytes() function and potentially other functions within XDR (External Data Representation) libraries, which are derived from SunRPC. This vulnerability can be exploited by remote attackers who provide specific integer values in length fields, leading to arbitrary code execution. This can affect libraries such as libnsl, libc, glibc, and dietlibc, posing significant security risks to systems relying on these libraries.

References

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.