Lucene search
MitreCVE-2010-3895HistoryNov 12, 2010 - 10:00 p.m.
CVE-2010-3895
2010-11-1222:00:02
CWE-264
mitre
web.nvd.nist.gov
27
ibm
omnifind
enterprise edition
local users
privileges
arbitrary command
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
5.1%
esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Affected configurations
Node
ibmomnifindRange≤9.0-enterprise
ORibmomnifindMatch8.0-enterprise
ORibmomnifindMatch8.4-enterprise
ORibmomnifindMatch8.5-enterprise
Related
prion
prion
Command injection
2010-11-12 22:00:00
Design/Logic Flaw
2010-11-12 22:00:00
exploitpack
exploitpack
IBM OmniFind - Local Privilege Escalation
2010-11-09 00:00:00
zdt
zdt
IBM OmniFind Privilege Escalation Vulnerability
2010-11-10 00:00:00
nvd
nvd
CVE-2010-3895
2010-11-12 22:00:02
CVE-2010-4236
2010-11-12 22:00:02
cvelist
cvelist
CVE-2010-3895
2010-11-12 21:00:00
CVE-2010-4236
2010-11-12 21:00:00
cve
cve
CVE-2010-4236
2010-11-12 22:00:02
exploitdb
exploitdb
IBM OmniFind - Local Privilege Escalation
2010-11-09 00:00:00
packetstorm
packetstorm
IBM OmniFind Cross Site Scripting / Privilege Escalation
2010-11-10 00:00:00
securityvulns
securityvulns
IBM OmniFind - several vulnerabilities
2010-11-18 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2010-3895