Lucene search

[email protected]NVD:CVE-2006-5328

HistoryOct 17, 2006 - 9:07 p.m.

CVE-2006-5328

2006-10-1721:07:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.8%

JSON

OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.

Affected configurations

NVD

Node

applexcodeRange≤2.2

openbase_international_ltdopenbaseRange≤10.0mac_os_x

openbase_international_ltdopenbaseMatch7.0.15mac_os_x

openbase_international_ltdopenbaseMatch8.0.4mac_os_x

openbase_international_ltdopenbaseMatch9.1.5mac_os_x

References

lists.apple.com/archives/security-announce/2007/Oct/msg00001.html

secunia.com/advisories/22390

secunia.com/advisories/27441

www.digitalmunition.com/DMA%5B2006-1016a%5D.txt

www.digitalmunition.com/Xcode_OpenBase_createfile.pl

www.securityfocus.com/bid/20562

www.securitytracker.com/id?1018872

www.vupen.com/english/advisories/2007/3665

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.8%

JSON

Related for NVD:CVE-2006-5328

cvelist2 cve2 nvd1