Unrated severityNVD Advisory· Published Dec 7, 2006· Updated Jun 16, 2026
CVE-2006-6382
CVE-2006-6382
Description
The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a user's directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:positive_software:h-sphere:2.4.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:positive_software:h-sphere:2.4.3:*:*:*:*:*:*:*
- (no CPE)range: <2.5.0 RC3
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/23199nvdPatchVendor Advisory
- www.securityfocus.com/bid/21436nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/30753nvd
News mentions
0No linked articles in our index yet.