CVE-2007-3717
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/07/2007
Last modified:
09/04/2025
Description
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/36611
- http://secunia.com/advisories/26024
- http://secunia.com/advisories/26210
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm
- http://www.vupen.com/english/advisories/2007/2494
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35334
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1772
- http://osvdb.org/36611
- http://secunia.com/advisories/26024
- http://secunia.com/advisories/26210
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm
- http://www.vupen.com/english/advisories/2007/2494
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35334
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1772