Lucene search

[email protected]CVE-2005-4069

HistoryDec 08, 2005 - 1:03 a.m.

CVE-2005-4069

2005-12-0801:03:00

CWE-264

[email protected]

web.nvd.nist.gov

sunncomm mediamax drm

sony bmg

cve-2005-4069

local privilege escalation

security vulnerability

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the “SunnComm Shared” directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe.

Affected configurations

NVD

Node

sunncommmediamax_drmMatch5.0.21.0

CPENameOperatorVersion
sunncomm:mediamax_drmsunncomm mediamax drmeq5.0.21.0

CPE	Name	Operator	Version
sunncomm:mediamax_drm	sunncomm mediamax drm	eq	5.0.21.0

References

secunia.com/advisories/17933

securitytracker.com/id?1015327

www.eff.org/IP/DRM/Sony-BMG/MediaMaxVulnerabilityReport.pdf

www.eff.org/news/archives/2005_12.php#004234

www.kb.cert.org/vuls/id/928689

www.securityfocus.com/bid/15754

www.vupen.com/english/advisories/2005/2783

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVE-2005-4069

cert1 cvelist1 nvd1