Lucene search
HistoryNov 12, 2010 - 10:00 p.m.
CVE-2010-3895
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Affected configurations
Node
ibmomnifindRange≤9.0-enterprise
ORibmomnifindMatch8.0-enterprise
ORibmomnifindMatch8.4-enterprise
ORibmomnifindMatch8.5-enterprise
Related
prion
prion
Command injection
2010-11-12 22:00:00
Design/Logic Flaw
2010-11-12 22:00:00
exploitpack
exploitpack
IBM OmniFind - Local Privilege Escalation
2010-11-09 00:00:00
zdt
zdt
IBM OmniFind Privilege Escalation Vulnerability
2010-11-10 00:00:00
cve
cve
CVE-2010-3895
2010-11-12 22:00:02
CVE-2010-4236
2010-11-12 22:00:02
cvelist
cvelist
CVE-2010-3895
2010-11-12 21:00:00
CVE-2010-4236
2010-11-12 21:00:00
nvd
nvd
CVE-2010-4236
2010-11-12 22:00:02
exploitdb
exploitdb
IBM OmniFind - Local Privilege Escalation
2010-11-09 00:00:00
packetstorm
packetstorm
IBM OmniFind Cross Site Scripting / Privilege Escalation
2010-11-10 00:00:00
securityvulns
securityvulns
IBM OmniFind - several vulnerabilities
2010-11-18 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2010-3895