Home > Vulnerability Database > CVE-2004-0685

Mend.io Vulnerability Database

CVE-2004-0685

Date: October 25, 2004

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

Severity Score

5.9

Related Resources (22)

Url: http://www.trustix.net/errata/2004/0041/

Url: http://www.debian.org/security/2006/dsa-1069

Url: https://bugzilla.fedora.us/show_bug.cgi?id=2336

Url: http://www.redhat.com/support/errata/RHSA-2004-505.html

Url: http://www.debian.org/security/2006/dsa-1067

Url: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127921

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-0685

Url: http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2004-0685

Url: http://secunia.com/advisories/20202

Url: http://www.securityfocus.com/bid/10892

Url: http://secunia.com/advisories/20338

Url: http://www.redhat.com/support/errata/RHSA-2004-504.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10665

Url: http://www.kb.cert.org/vuls/id/981134

Url: http://www.securityspace.com/smysecure/catid.html?id=14580

Url: http://secunia.com/advisories/20162

Url: http://secunia.com/advisories/20163

Url: http://www.debian.org/security/2006/dsa-1070

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16931

Url: http://www.debian.org/security/2006/dsa-1082

Url: https://www.mend.io/vulnerability-database/CVE-2004-0685

Severity Score

5.9

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2004-0685

Date: October 25, 2004

Severity Score

Related Resources (22)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?