Definition
New Search
Security Vulnerability in the Netscape Portable Runtime (NSPR) API Affects Solaris
oval:org.mitre.oval:def:1819
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2 as used in Sun Solaris 10 trusts user-specified environment variables for specifying log files even when running from setuid programs which allows local users to create or overwrite arbitrary files.
Family:
unix
Status:
ACCEPTED
Platform(s):
- Sun Solaris 10
Class:
vulnerability
Reference(s):
- CVE-2006-4842
Product(s):