CVE-1999-0786

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Sep 22, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0786 is a local vulnerability affecting the dynamic linker in Solaris. An attacker can manipulate the LD_PROFILE environmental variable to create arbitrary files by utilizing a symlink attack. This issue poses a security risk as it enables unauthorized file creation, potentially leading to data manipulation or unauthorized system access. The vulnerability was identified in 1999 and can be exploited by local users without requiring privileged access. System administrators should take immediate steps to mitigate this risk by updating their systems and implementing appropriate access control measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Sun Solaris
  • SunOS

Affected Vendors

  • Oracle Corp
  • Sun.