Electric Cloud ElectricCommander prior to 4.2.6 and 5.x prior to 5.0.3 uses world-writable permissions for (1) eccert.pl and (2) ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
electric cloud electriccommander 5.0.2 |
||
electric cloud electriccommander |
||
electric cloud electriccommander 5.0.0 |
||
electric cloud electriccommander 5.0.1 |