Lucene search

[email protected]CVE-1999-1137

HistoryOct 01, 1993 - 4:00 a.m.

CVE-1999-1137

1993-10-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1137

solaris 2.2

sunos 4.1.x

device permissions

microphone monitoring

nvd

7 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.9%

JSON

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

CPENameOperatorVersion
sun:solarissun solariseq*
sun:sunossun sunoseq4.1
sun:sunossun sunoseq5.0
sun:sunossun sunoseq*
sun:sunossun sunosle5.2

CPE	Name	Operator	Version
sun:solaris	sun solaris	eq	*
sun:sunos	sun sunos	eq	4.1
sun:sunos	sun sunos	eq	5.0
sun:sunos	sun sunos	eq	*
sun:sunos	sun sunos	le	5.2

References

sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba

www.ciac.org/ciac/bulletins/e-01.shtml

www.osvdb.org/6436

exchange.xforce.ibmcloud.com/vulnerabilities/549

7 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.9%

JSON

Related for CVE-1999-1137

cvelist1