CVE-2019-3475

Beschreibung:
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

CWE: CWE-269 CWE-787

CVSS-Bewertung
CVSS 2: HIGH – 7.2 (Version: 2.0)
CVSS 3: HIGH – 7.8 (Version: 3.1)

Links:

NVD – CVE-2019-3475
CVE – CVE-2019-3475

Link (max. 20) Quelle Tags
https://support.microfocus.com/kb/doc.php?id=7023727 MISC Vendor Advisory Vendor Advisory
https://download.novell.com/Download?buildid=nZUCSDkvpxk~ MISC Vendor Advisory Third Party Advisory Third Party Advisory
46450 EXPLOIT-DB Exploit Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf CONFIRM Third Party Advisory US Government Resource VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf CONFIRM
DSA-4456 DEBIAN
20190605 [SECURITY] [DSA 4456-1] exim4 security update BUGTRAQ
GLSA-201906-01 GENTOO
[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit MLIST
108679 BID
openSUSE-SU-2019:1524 SUSE
http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html MISC
20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149) FULLDISC
http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2 MLIST
http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim MLIST

Quelle: NVD – CVE-2019-3475
Datum Veröffentlichung: 2019-02-20T22:29Z, Datum letzte Änderung: 2021-05-12T20:44Z