2.1

CVE-2007-2617

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunNet Connect Software Version3.2.3
   SunSolaris Version10.0 Editionsparc
SunNet Connect Software Version3.2.4
   SunSolaris Version10.0 Editionsparc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.8% 0.886
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=531
http://osvdb.org/35940
http://secunia.com/advisories/25194
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102891-1
Patch
http://www.securityfocus.com/bid/23915
Patch
http://www.securitytracker.com/id?1018046
http://www.vupen.com/english/advisories/2007/1769
https://exchange.xforce.ibmcloud.com/vulnerabilities/34223
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1920