Main Vulnerability Database Vulnerabilities #VU40634

Input validation error in Oracle Solaris - CVE-2015-4817

Published: October 22, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40634

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-4817

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver.

How to mitigate CVE-2015-4817

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1033881

Input validation error in Oracle Solaris - CVE-2015-4817

Detailed vulnerability description

How to mitigate CVE-2015-4817

Sources

Please verify you're human