CVE-2004-2231

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 1.2

EPSS Низкий

Описание

Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files.

Ссылки

http://secunia.com/advisories/12129
Vendor Advisory
http://vapid.dhs.org/zerogadv.txt
Vendor Advisory
http://www.idefense.com/application/poi/display?id=82&type=vulnerabilities
Vendor Advisory
http://www.osvdb.org/8236
http://www.securityfocus.com/bid/10808
https://exchange.xforce.ibmcloud.com/vulnerabilities/16791
http://secunia.com/advisories/12129
Vendor Advisory
http://vapid.dhs.org/zerogadv.txt
Vendor Advisory
http://www.idefense.com/application/poi/display?id=82&type=vulnerabilities
Vendor Advisory
http://www.osvdb.org/8236
http://www.securityfocus.com/bid/10808
https://exchange.xforce.ibmcloud.com/vulnerabilities/16791

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zero_g:installanywhere:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:zero_g:installanywhere:5.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00098

Низкий

1.2 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5wrh-pmjc-r65v

github

почти 4 года назад