CVE-1999-0786

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Sep 22, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0786 is a vulnerability affecting the Solaris operating system. It involves the dynamic linker, which can be exploited by a local user through the use of the LD_PROFILE environmental variable and a symlink attack. By creating a maliciously crafted symbolic link, an attacker can manipulate the dynamic linker to write files in arbitrary locations, potentially leading to privilege escalation or other forms of unauthorized system access. This vulnerability poses a significant security risk and requires immediate patching or mitigation measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Sun Solaris
SunOS

Affected Vendors

Oracle Corp
Sun.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlSPY
https://www.cve.org/CVERecord?id=CVE-1999-0786
https://nvd.nist.gov/vuln/detail/CVE-1999-0786

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners