CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
28.0%
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the “File System Management” RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | solaris | 8.0 | cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:* |
sun | solaris | 8.0 | cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:* |
sun | solaris | 8.0 | cpe:2.3:o:sun:solaris:8.0:beta:*:*:*:*:*:* |
sun | solaris | 9.0 | cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:* |
sun | solaris | 9.0 | cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:* |
sun | solaris | 9.0 | cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:* |
sun | solaris | 10.0 | cpe:2.3:o:sun:solaris:10.0:*:64_bit:*:*:*:*:* |
sun | solaris | 10.0 | cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:* |
sun | solaris | 10.0 | cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:* |
sun | solaris | 10.0 | cpe:2.3:o:sun:solaris:10.0:hw2:*:*:*:*:*:* |
secunia.com/advisories/21581
secunia.com/advisories/22295
securitytracker.com/id?1016727
sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1
support.avaya.com/elmodocs2/security/ASA-2006-205.htm
www.securityfocus.com/bid/19657
www.vupen.com/english/advisories/2006/3355
exchange.xforce.ibmcloud.com/vulnerabilities/28519
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164