Vulnerabilities > Zend > Zend Platform > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-09 | CVE-2007-1370 | Unspecified vulnerability in Zend Platform 2.2.1A Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. | 6.2 |
| 2007-03-09 | CVE-2007-1369 | Unspecified vulnerability in Zend Platform ini_modifier (sgid-zendtech) in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this directory to /usr/local/Zend/etc. local zend | 4.4 |