CVE-2006-4319

high

Description

Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164

https://exchange.xforce.ibmcloud.com/vulnerabilities/28519

http://www.vupen.com/english/advisories/2006/3355

http://www.securityfocus.com/bid/19657

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1

http://securitytracker.com/id?1016727

http://secunia.com/advisories/22295

http://secunia.com/advisories/21581

Details

Source: Mitre, NVD

Published: 2006-08-24

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H