Description
Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.
References (4)
Core 4
Core References
Mailing List x_refsource_misc
http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html
Vendor Advisory x_refsource_confirm
http://speedtouch.sourceforge.net/index.php?/news.en.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17792
Product x_refsource_confirm
http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734
Scores
EPSS
0.0005
EPSS Percentile
15.9%
Details
Status
published
Products (16)
gentoo/linux
1.4
mandrakesoft/mandrake_linux
8.2 (2 CPE variants)
mandrakesoft/mandrake_linux
9.0
mandrakesoft/mandrake_linux
9.1 (2 CPE variants)
mandrakesoft/mandrake_linux
9.2 (2 CPE variants)
mandrakesoft/mandrake_linux
10.0 (2 CPE variants)
mandrakesoft/mandrake_linux
10.1 (2 CPE variants)
mandrakesoft/mandrake_linux_corporate_server
2.1 (2 CPE variants)
mandrakesoft/mandrake_multi_network_firewall
8.2
speedtouch/speedtouch_usb_driver
1.0
... and 6 more
Published
Dec 23, 2004
Tracked Since
Feb 18, 2026