Lucene search

[email protected]CVE-2006-3973

HistoryNov 22, 2006 - 11:07 a.m.

CVE-2006-3973

2006-11-2211:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3973

firewall

security

privilege escalation

vulnerability

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.9%

JSON

My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the “Test Your Firewall” feature, which allows local users to gain SYSTEM privileges.

CPENameOperatorVersion
my_firewall_plus:my_firewall_plusmy firewall pluseq5.0_build_1119

CPE	Name	Operator	Version
my_firewall_plus:my_firewall_plus	my firewall plus	eq	5.0_build_1119

References

secunia.com/advisories/21142

secunia.com/secunia_research/2006-59/advisory

securitytracker.com/id?1017267

www.securityfocus.com/archive/1/452233/100/0/threaded

www.securityfocus.com/bid/21228

www.vupen.com/english/advisories/2006/4635

exchange.xforce.ibmcloud.com/vulnerabilities/30476

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.9%

JSON

Related for CVE-2006-3973

securityvulns1