Unrated severityNVD Advisory· Published May 11, 2007· Updated Apr 23, 2026

CVE-2007-2617

Description

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.

Affected products

Sun Corporation/Net Connect Software2 versions
cpe:2.3:a:sun:net_connect_software:3.2.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:net_connect_software:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:net_connect_software:3.2.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sunsolve.sun.com/search/document.donvdPatch
www.securityfocus.com/bid/23915nvdPatch
secunia.com/advisories/25194nvdVendor Advisory
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
osvdb.org/35940nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/1769nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34223nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1920nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000