CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-2017

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile0.32th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.

Affected Platforms (CPE)

📦
Sas

Base

= 8.0
📦
Sas

Integration Technologies

= 8.0

References & Advisories

🔗 http://online.securityfocus.com/archive/1/253183
🔗 http://www.iss.net/security_center/static/8024.php
🔗 http://www.securityfocus.com/bid/3994
🔗 http://online.securityfocus.com/archive/1/253183
🔗 http://www.iss.net/security_center/static/8024.php
🔗 http://www.securityfocus.com/bid/3994

相关漏洞威胁

CVE-2017-1040210.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report...

CVE-2017-1040510.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report...

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1015110.0

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported vers...