CVE-2007-4393

{"id": "CVE-2007-4393", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-08-17T22:17:00.000", "references": [{"url": "http://osvdb.org/46403", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26395", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the disk group, which allows the local oracle user to read or write raw disk partitions."}, {"lang": "es", "value": "La secuencia de comandos de instalaci\u00f3n para orarun sobre SUSE Linux anterior al 10/08/2007 coloca al usuario oracle dentro del grupo disk (disco) lo cual permite al usuario local oracle leer y escribir particiones de disco en bruto."}], "lastModified": "2008-11-15T06:56:50.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:suse_linux:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67527281-81FA-4068-9E0A-7B19FB6A208A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}