Sign-up

ID

VAR-200308-0081


CVE

CVE-2003-0518


TITLE

Apple Mac OS X Screen saver password prompt buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200308-088

DESCRIPTION

The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. Apple Mac OS X has a screen saver, entitled Screen Effects, with a password feature. Mac OS X is an operating system used on Mac machines, based on the BSD system

Trust: 1.26

sources: NVD: CVE-2003-0518 // BID: 8106 // VULHUB: VHN-7346

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.2.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.3

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.3

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.2.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.4

Trust: 1.0

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

sources: BID: 8106 // CNNVD: CNNVD-200308-088 // NVD: CVE-2003-0518

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-0518
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200308-088
value: MEDIUM

Trust: 0.6

VULHUB: VHN-7346
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2003-0518
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-7346
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-7346 // CNNVD: CNNVD-200308-088 // NVD: CVE-2003-0518

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0518

THREAT TYPE

local

Trust: 0.9

sources: BID: 8106 // CNNVD: CNNVD-200308-088

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 8106 // CNNVD: CNNVD-200308-088

EXTERNAL IDS

db:NVDid:CVE-2003-0518

Trust: 2.0

db:CNNVDid:CNNVD-200308-088

Trust: 0.7

db:BUGTRAQid:20030715 FIXED: MACOSX - CRASH SCREENSAVER LOCKED WITH PASSWORD AND GET THEDESKTOP BACK

Trust: 0.6

db:BUGTRAQid:20030704 MACOSX - CRASH SCREENSAVER LOCKED WITH PASSWORD AND GET THE DESKTOP BACK

Trust: 0.6

db:BIDid:8106

Trust: 0.4

db:VULHUBid:VHN-7346

Trust: 0.1

sources: VULHUB: VHN-7346 // BID: 8106 // CNNVD: CNNVD-200308-088 // NVD: CVE-2003-0518

REFERENCES

url:http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html

Trust: 1.7

url:http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html

Trust: 1.7

url:http://docs.info.apple.com/article.html?artnum=120232

Trust: 1.7

url:http://macslash.org/article.pl?sid=03/07/04/1330224&mode=thread

Trust: 0.3

url:http://www.apple.com/macosx/

Trust: 0.3

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:/archive/1/327837

Trust: 0.3

sources: VULHUB: VHN-7346 // BID: 8106 // CNNVD: CNNVD-200308-088 // NVD: CVE-2003-0518

CREDITS

Delfim Machado※ bipbip@xpto.org

Trust: 0.6

sources: CNNVD: CNNVD-200308-088

SOURCES

db:VULHUBid:VHN-7346
db:BIDid:8106
db:CNNVDid:CNNVD-200308-088
db:NVDid:CVE-2003-0518

LAST UPDATE DATE

2024-08-14T14:16:13.357000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-7346date:2008-09-10T00:00:00
db:BIDid:8106date:2009-07-11T22:56:00
db:CNNVDid:CNNVD-200308-088date:2005-10-20T00:00:00
db:NVDid:CVE-2003-0518date:2008-09-10T19:19:29.617

SOURCES RELEASE DATE

db:VULHUBid:VHN-7346date:2003-08-18T00:00:00
db:BIDid:8106date:2003-07-04T00:00:00
db:CNNVDid:CNNVD-200308-088date:2003-07-04T00:00:00
db:NVDid:CVE-2003-0518date:2003-08-18T04:00:00