Vulnerability Report

CVE-2002-0004

RCE

Title: at program malformed execution time heap corruption

RCE

Proof Of Concept

PoC Available for CVE-2002-0004

CWE Category NVD-CWE-noinfo
Published Date Feb 27, 2002
Modified Date Apr 03, 2025
Exploit Status Available
Score 7.2 CVSS v2.0
Exploit Probability (EPSS)
0.27%

Vulnerability Summary

CVE-2002-0004: Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

Impacted Vendors

C
caldera 2

Reference Links

http://marc.info/?l=bugtraq&m=101128661602088&w=2 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://www.debian.org/security/2002/dsa-102 http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.securityfocus.com/bid/3886 https://exchange.xforce.ibmcloud.com/vulnerabilities/7909 http://marc.info/?l=bugtraq&m=101128661602088&w=2 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://www.debian.org/security/2002/dsa-102 http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.securityfocus.com/bid/3886 https://exchange.xforce.ibmcloud.com/vulnerabilities/7909
CVSS v2.0
Source Entity [email protected]
Severity HIGH
7.2
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:L/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-0004 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/21229
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.