Lucene search

[email protected]NVD:CVE-2010-4506

HistoryFeb 07, 2011 - 9:00 p.m.

CVE-2010-4506

2011-02-0721:00:01

CWE-310

[email protected]

web.nvd.nist.gov

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

25.7%

JSON

Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A allows physically proximate attackers to execute arbitrary programs without authentication by triggering use of an invalid SSL certificate and using the Internet Explorer interface to navigate through the filesystem via a “Save As” dialog that is reachable from the “Certificate Export” wizard.

Affected configurations

Nvd

Node

oraclepasslogix_v-go_self-service_password_reset_and_oemMatch7.0

VendorProductVersionCPE
oraclepasslogix_v-go_self-service_password_reset_and_oem7.0cpe:2.3:a:oracle:passlogix_v-go_self-service_password_reset_and_oem:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	passlogix_v-go_self-service_password_reset_and_oem	7.0	cpe:2.3:a:oracle:passlogix_v-go_self-service_password_reset_and_oem:7.0:::::::*

References

securityreason.com/securityalert/8065

www.securityfocus.com/bid/46452

exchange.xforce.ibmcloud.com/vulnerabilities/65439

www.trustwave.com/spiderlabs/advisories/TWSL2010-007.txt

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

25.7%

JSON

Related for NVD:CVE-2010-4506

prion1 cve1 cvelist1