CVE-2004-0834

Published: Dec 23, 2004Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

Affected (22)

Products: Mandrakesoft: Mandrake Multi Network Firewall, Mandrake Linux, Mandrake Linux Corporate Server · Speedtouch: Speedtouch Usb Driver · Gentoo: Linux

Mandrakesoft

3 products

Mandrake Multi Network Firewall

Mandrake Linux

Mandrake Linux Corporate Server

Speedtouch

1 product

Speedtouch Usb Driver

Gentoo

1 product

Linux

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Mandrakesoft Mandrake Multi Network Firewall	Version 8.2
Speedtouch Speedtouch Usb Driver	Version 1.0
Speedtouch Speedtouch Usb Driver	Version 1.1
Speedtouch Speedtouch Usb Driver	Version 1.2
Speedtouch Speedtouch Usb Driver	Version 1.2_beta1
Speedtouch Speedtouch Usb Driver	Version 1.2_beta2
Speedtouch Speedtouch Usb Driver	Version 1.2_beta3
Speedtouch Speedtouch Usb Driver	Version 1.3

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	Version 1.4
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 8.2
Mandrakesoft Mandrake Linux	Version 8.2
Mandrakesoft Mandrake Linux	Version 9.0
Mandrakesoft Mandrake Linux	Version 9.1
Mandrakesoft Mandrake Linux	Version 9.1
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1