CVE-2017-1000203

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-1000203

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000203.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000203

Related

Published

2017-11-17T15:29:00Z

Modified

2025-04-20T03:34:53.599083Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution

References

https://github.com/root-project/root/commit/88ccff152604e0f1012653a596d802ff7ede3145#diff-6cd6f6c31bac70116b7ca7abdc8e517e

Affected packages

Git / github.com/root-project/root

Affected ranges

Type: GIT
Repo: https://github.com/root-project/root
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

88ccff152604e0f1012653a596d802ff7ede3145

Fixed

88ccff152604e0f1012653a596d802ff7ede3145

Affected versions

Other

v5-99-03

v5-99-03-01

v5-99-03-02

v5-99-04

v5-99-05

v5-99-05-lhcb

v5-99-06

v6-00-00

v6-00-01

v6-01-03-CMS

v6-03-01-GEANT

v6-03-02

v6-03-04

v6-05-01

v6-05-02

v6-06-00-rc1

v6-07-01-ROOTaaS-1

v6-07-01-SMC

v6-07-02

v6-07-04

v6-07-06

v6-07-07-aliceml

v6-09-01

v6-09-02