SCO Information for VU#575804

CDE libDtHelp vulnerable to buffer overflow via DTHELPUSERSEARCHPATH or DTHELPSEARCHPATH

Status

Affected

Vendor Statement

Vulnerable Supported Versions
- -----------------------------
UnixWare 7.1.3
Open UNIX 8.0.0 (a.k.a UnixWare 7.1.2)
UnixWare 7.1.1

Location of Fixed Binaries
- --------------------------
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.31

SCO security resources can be found at

http://www.sco.com/support/security/index.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.