CVE-2010-3895

CVE-2010-3895

EPSS 0.8%

esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt http://www.exploit-db.com/exploits/15475 http://www.securityfocus.com/archive/1/514688/100/0/threaded http://www.securityfocus.com/bid/44740 http://www.vupen.com/english/advisories/2010/2933