Lucene search

[email protected]CVE-2006-0812

HistoryFeb 23, 2006 - 8:02 p.m.

CVE-2006-0812

2006-02-2320:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0812

visnetic

antivirus

plug-in

dkavupsch.exe

mail server

security

privilege escalation

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.5%

JSON

The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows local users to gain privileges.

CPENameOperatorVersion
visnetic:visnetic_antivirus_plug-in_for_mail_servervisnetic visnetic antivirus plug-in for mail servereq4.6.0.4
visnetic:visnetic_antivirus_plug-in_for_mail_servervisnetic visnetic antivirus plug-in for mail servereq4.6.1.1

CPE	Name	Operator	Version
visnetic:visnetic_antivirus_plug-in_for_mail_server	visnetic visnetic antivirus plug-in for mail server	eq	4.6.0.4
visnetic:visnetic_antivirus_plug-in_for_mail_server	visnetic visnetic antivirus plug-in for mail server	eq	4.6.1.1

References

secunia.com/advisories/16583

secunia.com/secunia_research/2005-65/advisory/

securitytracker.com/id?1015670

www.securityfocus.com/archive/1/425890/100/0/threaded

www.securityfocus.com/bid/16788

www.vupen.com/english/advisories/2006/0701

exchange.xforce.ibmcloud.com/vulnerabilities/24928

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.5%

JSON

Related for CVE-2006-0812

securityvulns1 prion1 nessus1