CVE-2007-2617

Currently unrated

Key Information:

Vendor: Oracle
Status: Net Connect Software
Vendor: CVE Published:; 11 May 2007

Summary

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://osvdb.org/35940

vdb-entryx_refsource_OSVDB

http://www.securitytracker.com/id?1018046

vdb-entryx_refsource_SECTRACK

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 11, 2007
Vulnerability Reserved
May 11, 2007