CVE-2009-0876

Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:sun:xvm_virtualbox:2.0.6r39760:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.4r42893:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:xvm_virtualbox:2.0.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Information

Published : 2009-03-12 08:20

Updated : 2017-08-16 18:30


NVD link : CVE-2009-0876

Mitre link : CVE-2009-0876


JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

dedicated server usa

Products Affected

sun

  • xvm_virtualbox

linux

  • linux_kernel