PT-2009-3963 · Razorcms · Razorcms
Jeremi Gosney
·
Publicado
2009-04-28
·
Atualizado
2017-08-17
·
CVE-2009-1462
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
razorCMS versions prior to 0.4
Description
The Security Manager in razorCMS does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
Recommendations
For versions prior to 0.4, update to version 0.4 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Razorcms