| Vulnerability Name: | CVE-2004-1360 (CCN-15331) | ||||||||
| Assigned: | 2004-02-26 | ||||||||
| Published: | 2004-02-26 | ||||||||
| Updated: | 2018-10-30 | ||||||||
| Summary: | Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-1360 Source: CCN Type: SA10991 Sun Solaris "conv_fix" Privilege Escalation Vulnerability Source: SECUNIA Type: Patch, Vendor Advisory 10991 Source: CCN Type: Sun Alert ID: 57509 Security Vulnerability in "/usr/lib/print/conv_fix" May Allow Unauthorized Privileges and/or Denial of Service Source: SUNALERT Type: Patch, Vendor Advisory 57509 Source: AUSCERT Type: Patch, Vendor Advisory ESB-2004.0169 Source: CCN Type: CIAC Information Bulletin O-089 Sun Security Vulnerability in "/usr/lib/print/conv_fix" Source: CIAC Type: Patch, Vendor Advisory O-089 Source: CCN Type: US-CERT VU#412566 Solaris conv_fix insecure file handling vulnerability Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource VU#412566 Source: OSVDB Type: UNKNOWN 4071 Source: CCN Type: OSVDB ID: 4071 Solaris conv_fix Privilege Escalation Source: BID Type: UNKNOWN 9759 Source: CCN Type: BID-9759 Sun Solaris conv_fix Unspecified File Overwrite Vulnerability Source: XF Type: UNKNOWN solaris-covfix-gain-privileges(15331) Source: XF Type: UNKNOWN solaris-covfix-gain-privileges(15331) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1732 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||