CVE-2006-0948
6.9 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
24.4%
AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the “America Online 9.0” directory, which allows local users to gain privileges by replacing critical files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| aol:aol | aol | eq | 9.0_4184.2340 |
References
secunia.com/advisories/18734
secunia.com/secunia_research/2006-08
securityreason.com/securityalert/1416
securitytracker.com/id?1016717
www.osvdb.org/27995
www.securityfocus.com/archive/1/443622/100/0/threaded
www.securityfocus.com/bid/19583
www.vupen.com/english/advisories/2006/3317
exchange.xforce.ibmcloud.com/vulnerabilities/28445
6.9 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
24.4%