CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1394

The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.7%

CVSS Severity

CVSS v2 Score 4.6

References

http://secunia.com/advisories/10755/
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57453-1
http://www.auscert.org.au/render.html?it=3800
http://www.osvdb.org/3764
http://www.securityfocus.com/bid/9534
http://www.securitytracker.com/id?1008893
https://exchange.xforce.ibmcloud.com/vulnerabilities/14988
http://secunia.com/advisories/10755/
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57453-1
http://www.auscert.org.au/render.html?it=3800
http://www.osvdb.org/3764
http://www.securityfocus.com/bid/9534
http://www.securitytracker.com/id?1008893
https://exchange.xforce.ibmcloud.com/vulnerabilities/14988

Products affected by CVE-2004-1394

Sun » Solaris » Version: 9.0

cpe:2.3:o:sun:solaris:9.0
Sun » Sunos » Version: 5.8

cpe:2.3:o:sun:sunos:5.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1394

Products

Pricing

Contact Us