Main Vulnerability Database Vulnerabilities #VU40818

Input validation error in Oracle Solaris - CVE-2015-2577

Published: April 16, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40818

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2015-2577

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Solaris

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Accounting commands.

How to mitigate CVE-2015-2577

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
http://www.securityfocus.com/bid/74122
http://www.securitytracker.com/id/1032132

Input validation error in Oracle Solaris - CVE-2015-2577

Detailed vulnerability description

How to mitigate CVE-2015-2577

Sources

Please verify you're human