CVE Vulnerabilities

CVE-2010-4506

Published: Feb 07, 2011 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.2 MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A allows physically proximate attackers to execute arbitrary programs without authentication by triggering use of an invalid SSL certificate and using the Internet Explorer interface to navigate through the filesystem via a Save As dialog that is reachable from the Certificate Export wizard.

Affected Software

Name Vendor Start Version End Version
Passlogix_v-go_self-service_password_reset_and_oem Oracle 7.0 (including) 7.0 (including)

References