Lucene search

K
cve[email protected]CVE-2004-1149
HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1149

2005-01-1005:00:00
NVD-CWE-Other
web.nvd.nist.gov
24
2
computer associates
etrust ez antivirus
cve-2004-1149
insecure file permissions
acls
local user privileges
vetmsg.exe
nvd

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.

Social References

More

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

Related for CVE-2004-1149