Read Time:31 Second
Description
While it is executing, the software sets the permissions of an object in a way that violates the intended permissions that have been specified by the user.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality, Integrity: Read Application Data, Modify Application Data
Potential Mitigations
Phase: Architecture and Design, Operation
Description:
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design
Description:
CVE References
- CVE-2002-0265
- Log files opened read/write.
- CVE-2003-0876
- Log files opened read/write.
- CVE-2002-1694
- Log files opened read/write.