Main Vulnerability Database Vulnerabilities #VU40627

Input validation error in Oracle Solaris - CVE-2015-4891

Published: October 22, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40627

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-4891

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.

How to mitigate CVE-2015-4891

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1033881

Input validation error in Oracle Solaris - CVE-2015-4891

Detailed vulnerability description

How to mitigate CVE-2015-4891

Sources

Please verify you're human