Vulnerability in N/a
CVE-2003-0027
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
EPSS: 0.721 (98.8th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- www.entercept.com/news/uspr/01-22-03.asp (x_refsource_MISC)
- 6665 (vdb-entry, x_refsource_BID)
- 50104 (vendor-advisory, x_refsource_SUNALERT)
- VU#850785 (x_refsource_CERT-VN, third-party-advisory)
- oval:org.mitre.oval:def:2592 (signature, x_refsource_OVAL, vdb-entry)
- oval:org.mitre.oval:def:120 (signature, x_refsource_OVAL, vdb-entry)
- solaris-kcms-directory-traversal(11129) (vdb-entry, x_refsource_XF)
- oval:org.mitre.oval:def:195 (signature, x_refsource_OVAL, vdb-entry)
- 20030122 Entercept Ricochet Advisory: Sun Solaris KCMS Library Service Daemon Arbitrary File Retrieval Vulner (mailing-list, x_refsource_BUGTRAQ)
Frequently asked questions
- What is CVE-2003-0027?
- CVE-2003-0027 is a vulnerability in N/a. Published 2004-09-01.
- Is CVE-2003-0027 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.