CVE-2009-1173

EUVD-2009-1173
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_application_server
7.0
ibmwebsphere_application_server
7.0.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/34131
http://secunia.com/advisories/34461
http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
http://www.securityfocus.com/bid/34259
http://www.vupen.com/english/advisories/2009/0854
http://secunia.com/advisories/34131
http://secunia.com/advisories/34461
http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
http://www.securityfocus.com/bid/34259
http://www.vupen.com/english/advisories/2009/0854