Vulnerability Details : CVE-2007-6594

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

Published 2007-12-28 21:46:00

Updated 2011-03-08 03:03:16

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-6594

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6594

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C	3.4	10.0	[email protected]
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-6594

CWE-264

Assigned by: [email protected] (Primary)

References for CVE-2007-6594

Products affected by CVE-2007-6594

IBM » Lotus Notes » Linux Edition
Versions up to, including, (<=) 8.0.1
cpe:2.3:a:ibm:lotus_notes:*:*:linux:*:*:*:*:*
Matching versions