Lucene search

[email protected]CVE-2011-1738

HistoryMay 13, 2011 - 5:05 p.m.

CVE-2011-1738

2011-05-1317:05:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2011-1738

hp palm

webos

pdk

privilege escalation

filesystem write access

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.

CPENameOperatorVersion
hp:palm_weboshp palm weboseq1.4.5
hp:palm_weboshp palm weboseq1.4.5.1

CPE	Name	Operator	Version
hp:palm_webos	hp palm webos	eq	1.4.5
hp:palm_webos	hp palm webos	eq	1.4.5.1

References

www.securityfocus.com/bid/47788

www.securitytracker.com/id?1025514

www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02822174

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2011-1738

prion1 cvelist1 securityvulns2