ID
VAR-E-200410-0228
CVE
| cve_id: | CVE-2004-0834 | Trust: 0.3 |
TITLE
Speedtouch USB Driver Local Format String Vulnerability
Trust: 0.3
DESCRIPTION
Speedtouch USB Driver is prone to a locally exploitable format string vulnerability. The problem occurs due to insufficient sanitization of user-supplied data.
This vulnerability may be exploited in order to have arbitrary code executed with superuser privileges.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | speedtouch | model: | usb driver speedtouch usb driver | scope: | eq | version: | 1.3 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver beta3 | scope: | eq | version: | 1.2 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver beta2 | scope: | eq | version: | 1.2 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver beta1 | scope: | eq | version: | 1.2 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver | scope: | eq | version: | 1.2 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver | scope: | eq | version: | 1.1 | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver | scope: | eq | version: | 1.0 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake x86 64 | scope: | eq | version: | 10.1 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 10.1 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake amd64 | scope: | eq | version: | 10.0 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 10.0 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake amd64 | scope: | eq | version: | 9.2 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 9.2 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake ppc | scope: | eq | version: | 9.1 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 9.1 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 9.0 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake ppc | scope: | eq | version: | 8.2 | Trust: 0.3 |
| vendor: | mandriva | model: | linux mandrake | scope: | eq | version: | 8.2 | Trust: 0.3 |
| vendor: | mandrakesoft | model: | multi network firewall | scope: | eq | version: | 2.0 | Trust: 0.3 |
| vendor: | mandrakesoft | model: | corporate server x86 64 | scope: | eq | version: | 2.1 | Trust: 0.3 |
| vendor: | mandrakesoft | model: | corporate server | scope: | eq | version: | 2.1 | Trust: 0.3 |
| vendor: | gentoo | model: | linux | scope: | eq | version: | 1.4 | Trust: 0.3 |
| vendor: | gentoo | model: | linux | scope: | - | version: | - | Trust: 0.3 |
| vendor: | speedtouch | model: | usb driver speedtouch usb driver | scope: | ne | version: | 1.3.1 | Trust: 0.3 |
EXPLOIT
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
Discovery is credited to Max Vozeler.
Trust: 0.3
EXTERNAL IDS
| db: | NVD | id: | CVE-2004-0834 | Trust: 0.3 |
| db: | BID | id: | 11496 | Trust: 0.3 |
REFERENCES
| url: | http://speedtouch.sourceforge.net/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 11496 |
LAST UPDATE DATE
2022-07-27T09:29:07.498000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 11496 | date: | 2009-07-12T08:06:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 11496 | date: | 2004-10-21T00:00:00 |