RSS   Vulnerabilities for 'Portable runtime api'   RSS

2006-10-11
 
CVE-2006-4842

CWE-20
 

 
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.

 

 >>> Vendor: Netscape 21 Products
Messaging server
Certificate server
Collabra server
Directory server
Enterprise server
Fasttrack server
Proxy server
Communicator
News server
Commerce server
Communications server
Navigator
Professional services ftpserver
Netscape messaging server multiplexor
Iplanet ical
Publishingxpert
Smartdownload
Messanger
Personalization engine
Portable runtime api
Certificate management system


Copyright 2024, cxsecurity.com

 

Back to Top