Lucene search

[email protected]CVE-2005-3360

HistoryDec 14, 2005 - 8:07 p.m.

CVE-2005-3360

2005-12-1420:07:00

[email protected]

web.nvd.nist.gov

trend micro

pc-cillin

internet security

vulnerability

insecure acls

denial of service

system privileges

nvd

cve-2005-3360

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably previous versions, uses insecure default ACLs, which allows local users to cause a denial of service (disabled service) and gain system privileges by modifying or moving critical program files.

Affected configurations

NVD

Node

trend_micropc-cillin_2005Match12.00_build_1244

CPENameOperatorVersion
trend_micro:pc-cillin_2005trend micro pc-cillin 2005eq12.00_build_1244

CPE	Name	Operator	Version
trend_micro:pc-cillin_2005	trend micro pc-cillin 2005	eq	12.00_build_1244

References

secunia.com/advisories/18044

securitytracker.com/id?1015357

www.idefense.com/application/poi/display?id=351&type=vulnerabilities

www.securityfocus.com/bid/15872

www.vupen.com/english/advisories/2005/2906

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-3360

nvd1 cvelist1 securityvulns1