CVE-1999-0786
CVSS 2.0 Score 4.6 of 10 (medium)
Details
Summary
CVE-1999-0786 is a local vulnerability affecting the dynamic linker in Solaris. An attacker can manipulate the LD_PROFILE environmental variable to create arbitrary files by utilizing a symlink attack. This issue poses a security risk as it enables unauthorized file creation, potentially leading to data manipulation or unauthorized system access. The vulnerability was identified in 1999 and can be exploited by local users without requiring privileged access. System administrators should take immediate steps to mitigate this risk by updating their systems and implementing appropriate access control measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Sun Solaris
- SunOS
Affected Vendors
- Oracle Corp
- Sun.