CVE-2003-0625

High

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request…

mitre·CWE-193·Published 2003-08-01

CVSS

7.5

EPSS

0.07

KEV

Exploits

Vendor statements (1)

debian.org

cve.orgen

215 chars

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.

NVDes

262 chars

Error-por-uno en ciertas versiones de xfstt permite a atacantes remotos leer memoria potencialmente sensible mediante un petición de cliente malformada en la iniciación (handshake) de la conexión, que filtra contenidos de la memoria en la respuesta del servidor.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.4	10.0	4.9	AV:N/AC:L/Au:N/C:P/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N