7.8
CVE-2005-1941
- EPSS 0.34%
- Veröffentlicht 08.06.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:57
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Silvercity Project ≫ Silvercity Version < 0.9.5_r1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.256 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 3.7 | 1.9 | 6.4 |
AV:L/AC:H/Au:N/C:P/I:P/A:P
|
CWE-276 Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
http://bugs.gentoo.org/show_bug.cgi?id=93558
http://secunia.com/advisories/15632
http://securitytracker.com/id?1014153
http://www.gentoo.org/security/en/glsa/glsa-200506-05.xml