CVE-2002-1605

Name: CVE-2002-1605
Creator: NVD / NIST
Published: 2002-09-02T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 13.32%

Last modified Jun 16, 2026

CVE-2002-1605 is a vulnerability of currently unknown severity. Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.. EPSS estimates a 13.32% chance of exploitation in the next 30 days.

Description

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

Metrics

EPSS Probability

13.32%

95.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Hp	Hp-Ux	10.20
Hp	Hp-Ux	11.00
Hp	Hp-Ux	11.04
Hp	Hp-Ux	11.11
Hp	Hp-Ux	11.22
Hp	Tru64	4.0f
Hp	Tru64	4.0g
Hp	Tru64	5.0a
Hp	Tru64	5.1
Hp	Tru64	5.1a

References

http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txtExploit
http://www.kb.cert.org/vuls/id/569987Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/584243Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/693803Third Party Advisory, US Government Resource
http://www.securityfocus.com/archive/1/290115
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txtExploit
http://www.kb.cert.org/vuls/id/569987Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/584243Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/693803Third Party Advisory, US Government Resource
http://www.securityfocus.com/archive/1/290115
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016

Timeline

Published: Sep 2, 2002
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2002-1605?

How severe is CVE-2002-1605?

Severity scoring for CVE-2002-1605 is pending analysis. The EPSS model estimates a 13.32% probability of exploitation in the next 30 days.

How do I fix CVE-2002-1605?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1605?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST