PT-2006-6050 · Openbase+1 · Openbase Sql+1

Kevin Finisterre

Published

2006-10-17

Updated

2018-08-13

CVE-2006-5328

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions OpenBase SQL versions 10.0 and earlier

Description The issue allows local users to create arbitrary files via a symlink attack on the simulation.sql file. This can be exploited in products that use OpenBase SQL, such as Apple Xcode 2.2 and earlier.

Recommendations For OpenBase SQL versions 10.0 and earlier, consider restricting access to the simulation.sql file to prevent symlink attacks until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5328

Affected Products

Openbase Sql

Xcode

PT-2006-6050 · Openbase+1 · Openbase Sql+1

CVE-2006-5328

Related Identifiers

Affected Products

References · 9