Executive Summary

Informations
NameCVE-2009-3839First vendor Publication2009-11-02
VendorCveLast vendor Modification2017-09-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3839

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6480
 
Oval ID: oval:org.mitre.oval:def:6480
Title: A Security Weakness in Solaris Trusted Extensions May Facilitate Privilege Escalation
Description: Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3839
Version: 1
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os179
Os2

Open Source Vulnerability Database (OSVDB)

idDescription
59354Solaris Trusted Extensions Policy Unspecified Remote Bypass

Information Assurance Vulnerability Management (IAVM)

DateDescription
2009-11-05IAVM : 2009-A-0113 - Sun Solaris Remote Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0021928

Nessus® Vulnerability Scanner

DateDescription
2009-10-19Name : The remote host is missing Sun Security Patch number 126363-10
File : solaris10_126363.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/36840
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-270969-1
VUPEN http://www.vupen.com/english/advisories/2009/3070

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2017-09-19 09:23:28
  • Multiple Updates
2016-04-26 19:14:02
  • Multiple Updates
2014-02-17 10:52:09
  • Multiple Updates
2013-11-11 12:38:26
  • Multiple Updates
2013-05-11 00:00:06
  • Multiple Updates