MidnightBSD

Advisories for electric_cloud

CVE-2014-7180 MEDIUM

Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for (1) eccert.pl and (2) ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
electric_cloud electriccommander 5.0.2
electric_cloud electriccommander 5.0.1
electric_cloud electriccommander 5.0.0
electric_cloud electriccommander *