Common Vulnerabilities & Exposures

CVEおよび対応表

モンタビスタでは、セキュリティの脅威に対応するためコミュニティおよびマーケットの状況を常時モニターしています。 影響のある製品には、CVEのスコア(NVD:脆弱性情報データベース)に沿って修正対応の優先順位の決定を行っています。以下は対策済および対策中のCVEとなります。

CVEに関するお問い合わせについては、こちらのアドレスまで「英文」にてお知らせください。> security@mvista.com

CVE Filters

CVE List 2002

CVE Score Severity Package Description Published
CVE-2002-2439 4.0 Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. October 24, 2019 03:10 am
CVE-2002-0655 7.5 High openssl OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. August 12, 2002 13:08 pm
CVE-2002-1436 7.5 High netware The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. April 11, 2003 13:04 pm
CVE-2002-0659 5.0 Medium openssl The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. August 12, 2002 13:08 pm
CVE-2002-1216 5.0 Medium tar GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. October 28, 2002 14:10 pm
CVE-2002-0657 7.5 High openssl Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key. August 12, 2002 13:08 pm
CVE-2002-0656 7.5 High openssl Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. August 12, 2002 13:08 pm
CVE-2002-2185 4.9 Medium kernel The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. December 31, 2002 14:12 pm
CVE-2002-1438 5.0 Medium netware The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. April 11, 2003 13:04 pm
CVE-2002-1437 5.0 Medium netware Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences. April 11, 2003 13:04 pm