PT-2009-3963 · Razorcms · Razorcms

Jeremi Gosney

Published

2009-04-28

Updated

2017-08-17

CVE-2009-1462

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions razorCMS versions prior to 0.4

Description The Security Manager in razorCMS does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.

Recommendations For versions prior to 0.4, update to version 0.4 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2009-1462

Affected Products

Razorcms

PT-2009-3963 · Razorcms · Razorcms

CVE-2009-1462

Weakness Enumeration

Related Identifiers

Affected Products

References · 6