CVE-1999-0689

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Sep 13, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0689 is a vulnerability affecting the CDE dtspcd daemon. This issue permits local users to execute arbitrary commands by exploiting a symlink vulnerability in the daemon. An attacker can create a malicious symbolic link in a location that the daemon trusts, leading it to execute unintended commands with the privileges of the daemon. This vulnerability poses a significant risk to systems running the CDE dtspcd daemon and underscores the importance of implementing proper access control and input validation measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Sun Solaris
  • SunOS

Affected Vendors

  • Oracle Corp
  • Sun.