CVE-2006-6494

CVE-2006-6494 · MEDIUM Severity

AV:L/AC:M/AU:S/C:C/I:C/A:C

Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.

Learn more about our Cis Benchmark Audit For Oracle Solaris.