CVE-2002-2099

GNU DataDisplay Debugger 3.3.1 - Buffer Overflow via HOME Environment Variable

Title source: llm
STIX 2.1

Description

Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7979
Exploit, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1003241

Scores

EPSS 0.0006
EPSS Percentile 19.9%

Details

Status published
Products (1)
gnu/data_display_debugger 3.3.1
Published Dec 31, 2002
Tracked Since Feb 18, 2026