CVE-1999-1140
CVSS 2.0 Score 7.2 of 10 (high)
Details
Published Dec 14, 1997
Updated: Nov 20, 2024
Summary
CVE-1999-1140 is a buffer overflow vulnerability affecting CrackLib version 2.5. The flaw lies in the program's handling of the GECOS field, which is part of a user's account information. A user who supplies a maliciously crafted, overly long GECOS field may be able to exploit the overflow to gain root privileges and take full control of the affected system. The vulnerability is a significant risk from local users and highlights the importance of keeping software up to date with security patches.