CVE-2006-4842
Published Oct 12, 2006
Last updated 6 years ago
Overview
- Description
- The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Vendor comments
- Red Hat: This issue also affects other OS that use NSPR. However, Red Hat does not ship any application linked setuid or setgid against NSPR and therefore is not vulnerable to this issue.
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netscape:portable_runtime_api:4.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB613FE8-2543-4182-A191-CE6F3238348B"
          },
          {
            "criteria": "cpe:2.3:a:netscape:portable_runtime_api:4.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F312890-81F2-44DE-83D9-554532019872"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]