The SCO Group (SCO UnixWare) Information for VU#336083

Uudecode performs inadequate checks on user-specified output files



Vendor Statement

All of our operating system offerings (Caldera Open UNIX, Caldera OpenLinux, SCO OpenServer) supply uudecode, and all of them have this vulnerability.

We are working on fixes for all our operating systems.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The SCO Group has published SCO Security Advisory CSSA-2002-SCO.44 to address this issue. For more information, please see