CVE-2003-0414

Currently unrated

Key Information:

Vendor: Oracle
Status: One Application Server
Vendor: CVE Published:; 30 June 2003

Summary

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.

References

http://www.spidynamics.com/sunone_alert.html

x_refsource_MISC

http://www.iss.net/security_center/static/12096.php

vdb-entryx_refsource_XF

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Jun 30, 2003
Vulnerability Reserved
Jun 10, 2003