Vulnerability in Sun One_application_server

CVE-2003-0414

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.

EPSS: 0.004 (29.4th percentile) — read the EPSS interpretation.

Affected products

Sun One_application_server — versions 7.0
N/a — versions n/a

References

cve@mitre.org (x_refsource_MISC)
cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT, Vendor Advisory)
cve@mitre.org (government-resource, Vendor Advisory, x_refsource_CIAC, third-party-advisory)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)