Lucene search

[email protected]CVE-2006-4319

HistoryAug 24, 2006 - 1:04 a.m.

CVE-2006-4319

2006-08-2401:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4319

buffer overflow

solaris

format command

arbitrary code

vulnerability

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.4%

JSON

Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the “File System Management” RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.

CPENameOperatorVersion
sun:solarissun solariseq10.0
sun:solarissun solariseq8.0
sun:sunossun sunoseq5.8
sun:solarissun solariseq9.0
sun:sunossun sunoseq5.10
sun:sunossun sunoseq5.9

CPE	Name	Operator	Version
sun:solaris	sun solaris	eq	10.0
sun:solaris	sun solaris	eq	8.0
sun:sunos	sun sunos	eq	5.8
sun:solaris	sun solaris	eq	9.0
sun:sunos	sun sunos	eq	5.10
sun:sunos	sun sunos	eq	5.9

References

secunia.com/advisories/21581

secunia.com/advisories/22295

securitytracker.com/id?1016727

sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1

support.avaya.com/elmodocs2/security/ASA-2006-205.htm

www.securityfocus.com/bid/19657

www.vupen.com/english/advisories/2006/3355

exchange.xforce.ibmcloud.com/vulnerabilities/28519

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.4%

JSON

Related for CVE-2006-4319

openvas4 nessus6 cve1