CVE-2009-2489

Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-06-1	Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252226-1	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2009/1915
https://exchange.xforce.ibmcloud.com/vulnerabilities/51743

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:ray_server_software:4.0:::::::*
	cpe:2.3:a:sun:ray_server_software:4.0::linux:::::
	cpe:2.3:a:sun:ray_server_software:4.0::sparc:::::
	cpe:2.3:a:sun:ray_server_software:4.0::x86:::::

History

No history.

Information

Published : 2009-07-16 16:30

Updated : 2017-08-17 01:30

NVD link : CVE-2009-2489

Mitre link : CVE-2009-2489

CVE.ORG link : CVE-2009-2489

JSON object : View

Products Affected

sun

ray_server_software

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-2489", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-07-16T16:30:00.610", "references": [{"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-06-1", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-252226-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1915", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51743", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el programa utdmsession en Sun Ray Server Software (SRSS) v4.0, permite a usuarios locales acceder a las sesiones de usuarios de su elecci\u00f3n a trav\u00e9s de vectores desconocidos."}], "lastModified": "2017-08-17T01:30:47.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D694C584-5A13-4064-B1AA-4C3C02F372FE"}, {"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB"}, {"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5"}, {"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}