CVE-2009-2491
Severity Score
4.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks."
El demonio utaudiod en Sun Ray Server Software (SRSS) v4.0, cuando Solaris Trusted Extensions está activado, permite a usuarios locales acceder a sesiones de usuarios de su elección a través de vectores desconocidos relacionados con "fugas de recursos" (resources leaks).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-07-16 CVE Reserved
- 2009-07-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/55978 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/1915 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/51742 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-06-1 | 2017-08-17 | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-253889-1 | 2017-08-17 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sun Search vendor "Sun" | Ray Server Software Search vendor "Sun" for product "Ray Server Software" | 4.0 Search vendor "Sun" for product "Ray Server Software" and version "4.0" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Ray Server Software Search vendor "Sun" for product "Ray Server Software" | 4.0 Search vendor "Sun" for product "Ray Server Software" and version "4.0" | sparc |
Affected
| ||||||
| Sun Search vendor "Sun" | Ray Server Software Search vendor "Sun" for product "Ray Server Software" | 4.0 Search vendor "Sun" for product "Ray Server Software" and version "4.0" | x86 |
Affected
| ||||||