PT-2007-3848 · Oracle · Solaris

Published

2007-05-09

Updated

2018-10-30

CVE-2007-2529

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Solaris 10 versions prior to 20070507

Description The issue is related to an integer signedness error in the acl (facl) system call, which can be exploited by local users to cause a denial of service, potentially leading to a kernel panic, and may also allow privilege escalation via a specific argument related to ACE SETACL.

Recommendations For Solaris 10 versions prior to 20070507, update to a version released after 20070507 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2529

Affected Products

Solaris

PT-2007-3848 · Oracle · Solaris

CVE-2007-2529

Related Identifiers

Affected Products

References · 10