CVE-2003-0630

NameCVE-2003-0630
DescriptionMultiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-359
NVD severityhigh (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
atari800 (PTS)wheezy/contrib2.2.1-2fixed
jessie/contrib3.1.0-1fixed
sid/contrib, buster/contrib, stretch/contrib3.1.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
atari800source(unstable)1.3.1-2high
atari800sourcewoody1.2.2-1woody2highDSA-359

Search for package or bug name: Reporting problems