Lucene search

MitreCVE-2006-0229

HistoryJan 17, 2006 - 9:03 p.m.

CVE-2006-0229

2006-01-1721:03:00

mitre

web.nvd.nist.gov

cve-2006-0229

windows

search path

vulnerability

wehntrust

local users

privileges

program.exe

autostart key

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges via a malicious “program.exe” file in the C: folder, which is run when Wehntrust creates the autostart key.

Affected configurations

Nvd

Node

wehnuswehntrust

VendorProductVersionCPE
wehnuswehntrust*cpe:2.3:a:wehnus:wehntrust:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wehnus	wehntrust	*	cpe:2.3:a:wehnus:wehntrust::::::::

References

www.securityfocus.com/archive/1/422020/100/0/threaded

www.securityfocus.com/archive/1/422046/100/0/threaded

www.securityfocus.com/bid/16268

www.wehnus.com/downloads.pl

exchange.xforce.ibmcloud.com/vulnerabilities/24315

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2006-0229