CVE-1999-1140
CVSS 2.0 Score 7.2 of 10 (high)
Details
Published Dec 14, 1997
Updated: Nov 20, 2024
Summary
CVE-1999-1140 is a buffer overflow vulnerability affecting CrackLib version 2.5. The overflow occurs in the program's handling of the GECOS field, which is part of a user's account information. A local user who supplies a maliciously crafted long GECOS field may be able to exploit this flaw to gain root privileges and take full control of the affected system. The vulnerability is a significant local privilege-escalation risk and highlights the importance of keeping software up to date with security patches.