Vulnerability Description
Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Centennial | Discovery | 2006_featurepack1 |
| Numara | Asset Manager | 8.0 |
| Symantec | Discovery | 6.5 |
References
- http://secunia.com/advisories/25354Vendor Advisory
- http://secunia.com/advisories/25374Vendor Advisory
- http://secunia.com/advisories/25379Vendor Advisory
- http://secunia.com/secunia_research/2007-58/advisory/Vendor Advisory
- http://secunia.com/secunia_research/2007-59/advisory/Vendor Advisory
- http://secunia.com/secunia_research/2007-60/advisory/Vendor Advisory
- http://www.securityfocus.com/bid/25000
- http://www.vupen.com/english/advisories/2007/2599
- http://www.vupen.com/english/advisories/2007/2600
- http://www.vupen.com/english/advisories/2007/2603
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35563
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35564
- http://secunia.com/advisories/25354Vendor Advisory
- http://secunia.com/advisories/25374Vendor Advisory
FAQ
What is CVE-2007-2950?
CVE-2007-2950 is a vulnerability with a CVSS score of 7.2 (HIGH). Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to ga...
How severe is CVE-2007-2950?
CVE-2007-2950 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2950?
Check the references section above for vendor advisories and patch information. Affected products include: Centennial Discovery, Numara Asset Manager, Symantec Discovery.