Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2019-3010

Published: 16/10/2019 Updated: 31/01/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Solaris

Vulnerability Summary

Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle solaris 11

Exploits

Exploit DB: Solaris 11.4 - xscreensaver Privilege Escalation
@Mediaservicenet Security Advisory #2019-02 (last updated on 2019-10-16) Title: Local privilege escalation on Solaris 11x via xscreensaver Application: Jamie Zawinski's xscreensaver 539 distributed with Solaris 114 Jamie Zawinski's xscreensaver 515 distributed with Solaris 113 Other versions starting from 506 are poten ...
Exploit DB: Solaris 11.4 xscreensaver Privilege Escalation
Solaris version 114 xscreensaver local privilege escalation exploit ...

Github Repositories

https://github.com/p4lsec/cve_exploit

cve_exploit A lightweight Python3/SQLite/Flask application designed to automatically maintain a database of CVEs which have known public exploits The data is retrievable via a REST-like API Requirements pip3 install flask Install git clone githubcom/p4lsec/cve_exploitgit && cd cve_exploit Modify the port and IP address in 'apppy' Usage To

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlhttp://seclists.org/fulldisclosure/2019/Oct/39http://packetstormsecurity.com/files/154960/Solaris-xscreensaver-Privilege-Escalation.htmlhttps://nvd.nist.govhttps://github.com/p4lsec/cve_exploithttps://www.exploit-db.com/exploits/47529
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook