Skip to main content

CVE-2008-3666

Severity High
Score 7.1/10

Summary

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • NONE
  • COMPLETE

References

Advisory Timeline

  • Published