CyberSec.Space Logo
Back to CVE Browser

CVE-2002-2017

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile0.32th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.

Affected Platforms (CPE)

πŸ“¦
Sas

Base

= 8.0
πŸ“¦
Sas

Integration Technologies

= 8.0

References & Advisories

πŸ”— http://online.securityfocus.com/archive/1/253183
πŸ”— http://www.iss.net/security_center/static/8024.php
πŸ”— http://www.securityfocus.com/bid/3994
πŸ”— http://online.securityfocus.com/archive/1/253183
πŸ”— http://www.iss.net/security_center/static/8024.php
πŸ”— http://www.securityfocus.com/bid/3994

Related Vulnerabilities

CVE-2017-1040210.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report...

CVE-2017-1040510.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report...

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1015110.0

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported vers...