Vulnerabilities > CVE-2006-5842 - Unspecified vulnerability in Unicore Client

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

unicore

NVD

Published: 2006-11-10

Updated: 2017-07-20

Summary

The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information. This vulnerability is addressed in the following product build: Unicore, Unicore Client, 5.6 build 5

Vulnerable Configurations

Part	Description	Count
Application	Unicore Unicore Unicore Client *	1

References

http://secunia.com/advisories/22765
http://sourceforge.net/project/shownotes.php?release_id=461942
http://www.securityfocus.com/bid/20981
http://www.vupen.com/english/advisories/2006/4419
https://exchange.xforce.ibmcloud.com/vulnerabilities/30157