CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-4211

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile39.01th
Published2009年12月4日
Last Modified2026年4月23日

Vulnerability Description

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.

Affected Platforms (CPE)

📦
Disa

Srr For Solaris

All versions

References & Advisories

🔗 http://securitytracker.com/id?1023265
🔗 http://www.kb.cert.org/vuls/id/433821
🔗 http://www.securityfocus.com/archive/1/508188/100/0/threaded
🔗 http://www.securityfocus.com/bid/37200
🔗 http://securitytracker.com/id?1023265
🔗 http://www.kb.cert.org/vuls/id/433821
🔗 http://www.securityfocus.com/archive/1/508188/100/0/threaded
🔗 http://www.securityfocus.com/bid/37200

関連する脆弱性情報

CVE-2009-337910.0

Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause ...

CVE-2009-337710.0

Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow rem...

CVE-2009-337110.0

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (applicati...

CVE-2009-338010.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow rem...