CVE-2010-0184

Sažetak

The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.

Reference

http://secunia.com/advisories/38191
http://www.securityfocus.com/bid/37805
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt
http://www.vupen.com/english/advisories/2010/0128

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

08-08-2011 - 04:00

Objavljeno

14-01-2010 - 19:30