CVE-2009-3468 - Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Tru

CVE-2009-3468

Summary

Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager.

References

Vulnerable Configurations

cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*

CVSS

Base:	6.9 (as of 17-08-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	36510
confirm	http://sunsolve.sun.com/search/document.do?assetkey=1-21-126365-15-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139620-01-1
osvdb	58319
sectrack	1022943
secunia	36822
sunalert	267488
vupen	ADV-2009-2756
xf	cde-mac-priv-escalation(53461)

Last major update

17-08-2017 - 01:31

Published

29-09-2009 - 19:30

Last modified

17-08-2017 - 01:31