CVE-2002-0499
LowThe d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.
CVSS 2.0 score
2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N
References
The following references provide additional information about CVE-2002-0499 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
-
-
Vendor Advisory
-
Securityfocushttp://www.securityfocus.com/archive/1/264117Vendor Advisory
-
Securityfocushttp://www.securityfocus.com/bid/4367Exploit Vendor Advisory
Frequently asked questions
-
What is CVE-2002-0499?
CVE-2002-0499 is a Low severity Linux kernel vulnerability with a CVSS score of 2.1 out of 10 . CVE-2002-0499 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2002-0499?
CVE-2002-0499 has a CVSS score of 2.1 out of 10, rated Low severity (CVSS 2.0). The vector string is
AV:L/AC:L/Au:N/C:N/I:P/A:N. -
Is there a patch available for CVE-2002-0499?
No patch is currently available for CVE-2002-0499. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2002-0499 actively exploited?
No — CVE-2002-0499 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.