CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6382

The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a user's directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.6%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/23199
http://www.securityfocus.com/bid/21436
https://exchange.xforce.ibmcloud.com/vulnerabilities/30753
http://secunia.com/advisories/23199
http://www.securityfocus.com/bid/21436
https://exchange.xforce.ibmcloud.com/vulnerabilities/30753

Products affected by CVE-2006-6382

Positive Software » H-Sphere » Version: 2.4.3

cpe:2.3:a:positive_software:h-sphere:2.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6382

Products

Pricing

Contact Us