Oval Definition:	oval:org.mitre.oval:def:1819
Revision Date: 2007-09-27 Version: 16 Title: Security Vulnerability in the Netscape Portable Runtime (NSPR) API Affects Solaris Description: The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-4842 Platform(s): Sun Solaris 10 Product(s): Definition Synopsis Solaris 10 (SPARC) meets Sun Alert 102658 Solaris 10 (SPARC) is installed AND NOT Patch 119213-10 or later installed OR Solaris 10 (x86) meets Sun Alert 102658 Solaris 10 (x86) is installed AND NOT Patch 119214-10 or later installed
BACK