2 matches found
OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...
CVE-2010-3584
CVE-2010-3584 affects Oracle VM 2.2.1, specifically the ovs-agent component. The issue, described as a local privilege escalation, arises from how Oracle VM Agent stores authentication data in files with weak permissions, enabling a local user to affect confidentiality, integrity and availability...