Vulnerabilities > CVE-2006-6382 - Unspecified vulnerability in Positive Software H-Sphere 2.4.3
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a user's directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |