New Search

Security Vulnerabilities in Solaris ld.so.1(1) may Lead to Execution of Arbitrary Code with Elevated Privileges

oval:org.mitre.oval:def:1909

Stack-based buffer overflow in ld.so.1 in Sun Solaris 8 9 and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries except in cases of external introduction of malicious message files or if it is leveraged with other vulnerabilities such as CVE-2006-6494.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
  • Sun Solaris 9
  • Sun Solaris 8
Class:
vulnerability
Reference(s):
  • CVE-2006-6495
Product(s):