Description
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
References (7)
Core 7
Core References
Third Party Advisory, US Government Resource third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-202.shtml
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4030
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11027
Patch, Vendor Advisory third-party-advisory
x_refsource_idefense
http://www.idefense.com/application/poi/display?id=132&type=vulnerabilities
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17095
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57627
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/928598
Scores
EPSS
0.0008
EPSS Percentile
23.0%
Details
Status
published
Products (7)
avaya/call_management_system_server
9.0
avaya/call_management_system_server
11.0
avaya/call_management_system_server
12.0
sun/dtmail
sun/solaris
8.0
sun/solaris
9.0 (2 CPE variants)
sun/sunos
5.8
Published
Aug 24, 2004
Tracked Since
Feb 18, 2026