Lucene search

[email protected]CVE-2007-6594

HistoryDec 28, 2007 - 9:46 p.m.

CVE-2007-6594

2007-12-2821:46:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

lotus notes

linux

installation

vulnerability

nvd

7.2 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

CPENameOperatorVersion
ibm:lotus_notesibm lotus notesle8.0.1

CPE	Name	Operator	Version
ibm:lotus_notes	ibm lotus notes	le	8.0.1

References

osvdb.org/40933

osvdb.org/40934

secunia.com/advisories/27860

securitytracker.com/id?1019009

www-1.ibm.com/support/docview.wss?uid=swg21289273

www.vupen.com/english/advisories/2007/4037

7.2 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2007-6594

prion1