CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
28.0%
The “restore to” selection in the “quarantine a file” capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
Vendor | Product | Version | CPE |
---|---|---|---|
eset_software | nod32_antivirus | 1.0.11 | cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:* |
eset_software | nod32_antivirus | 1.0.12 | cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:* |
eset_software | nod32_antivirus | 1.0.13 | cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:* |
eset_software | nod32_antivirus | 2.5 | cpe:2.3:a:eset_software:nod32_antivirus:2.5:*:*:*:*:*:*:* |