Main Vulnerability Database Vulnerabilities #VU40636

Input validation error in Oracle Solaris - CVE-2015-2642

Published: October 22, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40636

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-2642

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip.

How to mitigate CVE-2015-2642

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1033881

Input validation error in Oracle Solaris - CVE-2015-2642

Detailed vulnerability description

How to mitigate CVE-2015-2642

Sources

Please verify you're human