Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2231

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2004-2231
Last Modified 05 Sep 2008 04:43:33
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2004-2231

Summary

Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files.

Vulnerable Systems


References

XF - installanywhere-symlink(16791)

BID - 10808

OSVDB - 8236

IDEFENSE - 20030620 ZeroG InstallAnywhere5 Symlink Vulnerability

MISC - http://vapid.dhs.org/zerogadv.txt

SECUNIA - 12129


Last Updated: 27 May 2016 10:39:24