CVE-2012-3317

Sažetak

IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21611401
http://www-01.ibm.com/support/docview.wss?uid=swg1IC85477
https://exchange.xforce.ibmcloud.com/vulnerabilities/77818

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:31

Objavljeno

05-12-2012 - 11:57