CVE-2016-1271

HIGH Year: 2016
CVSS v3 Score
7.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-20
View all →

Vulnerability Description

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615.

Related Vulnerabilities

CVE-2005-4890

HIGH
CVSS:7.8(High)

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to p...

CWE-202005

CVE-2009-0082

HIGH
CVSS:7.8(High)

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges v...

CWE-202009

CVE-2010-0485

HIGH
CVSS:7.8(High)

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properl...

CWE-202010

CVE-2010-1821

HIGH
CVSS:7.8(High)

Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.

CWE-202010

CVE-2010-2061

HIGH
CVSS:7.8(High)

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.

CWE-202010

CVE-2010-4040

HIGH
CVSS:7.8(High)

Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact v...

CWE-202010