Vulnerability Details : CVE-2009-4211
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.
Exploit prediction scoring system (EPSS) score for CVE-2009-4211
Probability of exploitation activity in the next 30 days: 0.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 36 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-4211
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2009-4211
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-4211
Products affected by CVE-2009-4211
- cpe:2.3:a:disa:srr_for_solaris:*:*:*:*:*:*:*:*