ID CVE-2007-3471
Summary Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
CVSS
Base: 7.2 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2007-08-02T14:47:15.305-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Opsware, Inc.
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
family unix
id oval:org.mitre.oval:def:2015
status accepted
submitted 2007-07-03T09:00:00.000-04:00
title dtsession(1X) Contains a Buffer Overflow Vulnerability
version 35
refmap via4
bid 24687
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-310.htm
osvdb 36608
secunia
  • 25876
  • 26136
sunalert 102954
vupen ADV-2007-2369
xf solaris-dtsession1x-bo(35127)
Last major update 29-09-2017 - 01:29
Published 28-06-2007 - 18:30
Last modified 29-09-2017 - 01:29
Back to Top