#VU40627 Input validation error in Oracle Solaris - CVE-2015-4891
Published: October 22, 2015 / Updated: August 9, 2020
Vulnerability identifier: #VU40627
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2015-4891
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Oracle Solaris
Oracle Solaris
Software vendor:
Oracle
Oracle
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.
Remediation
Install update from vendor's website.