CVE-1999-0786

  • Last update: Apr 13, 2023

Description

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

Software From Fixed in
sun / sunos 5.4 5.4.x
sun / sunos 5.5 5.5.x
sun / sunos 5.5.1 5.5.1.x
sun / solaris 2.4 2.4.x
sun / solaris 2.5 2.5.x
sun / solaris 2.5.1 2.5.1.x
sun / solaris 2.6 2.6.x

Details

    • Severity: Low
  • CVE: CVE-1999-0786
  • Published: Sep 22, 1999
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P