CVE-2007-3471

high

Description

Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.

References

http://osvdb.org/36608

http://secunia.com/advisories/25876

http://secunia.com/advisories/26136

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102954-1

http://support.avaya.com/elmodocs2/security/ASA-2007-310.htm

http://www.securityfocus.com/bid/24687

http://www.vupen.com/english/advisories/2007/2369

https://exchange.xforce.ibmcloud.com/vulnerabilities/35127

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2015

Details

Source: MITRE

Published: 2007-06-28

Updated: 2017-09-29

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH