CVE-2009-1173

Sažetak

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.

Reference

http://secunia.com/advisories/34131
http://secunia.com/advisories/34461
http://www.securityfocus.com/bid/34259
http://www.vupen.com/english/advisories/2009/0854
http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
http://www-01.ibm.com/support/docview.wss?uid=swg27014463

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

24-10-2014 - 05:37

Objavljeno

31-03-2009 - 14:09