CVE-2007-2617

EPSS 9.03%
Published 11.05.2007 16:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Sun ≫ Net Connect Software Version3.2.3

Sun ≫ Solaris Version10.0 Editionsparc

Sun ≫ Net Connect Software Version3.2.4

Sun ≫ Solaris Version10.0 Editionsparc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.03%	0.918

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=531

http://osvdb.org/35940

http://secunia.com/advisories/25194

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102891-1

Patch

http://www.securityfocus.com/bid/23915

Patch

http://www.securitytracker.com/id?1018046

http://www.vupen.com/english/advisories/2007/1769

https://exchange.xforce.ibmcloud.com/vulnerabilities/34223

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1920

https://nvd.nist.gov/vuln/detail/CVE-2007-2617

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2617

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2617

EUVD