Home > Vulnerability Database > CVE-2003-0476

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2003-0476

Date: June 27, 2003

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

Severity Score

4.0

Related Resources (11)

Url: http://www.redhat.com/support/errata/RHSA-2003-368.html

Url: http://www.redhat.com/support/errata/RHSA-2003-238.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2003-0476

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A327

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2003:074

Url: http://marc.info/?l=bugtraq&m=105664924024009&w=2

Url: http://www.redhat.com/support/errata/RHSA-2003-408.html

Url: http://www.debian.org/security/2004/dsa-423

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2003-0476

Url: http://www.debian.org/security/2004/dsa-358

Url: https://www.mend.io/vulnerability-database/CVE-2003-0476

Severity Score

4.0

CVSS v3.1

Base Score:	4.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	2.1
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us