Lucene search

K
cve[email protected]CVE-2006-6308
HistoryDec 06, 2006 - 8:28 p.m.

CVE-2006-6308

2006-12-0620:28:00
NVD-CWE-Other
web.nvd.nist.gov
25
symantec
livestate
agent
windows
privilege escalation
vulnerability
cve-2006-6308
nvd

7.7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

Symantec LiveState 7.1 Agent for Windows allows local users to gain privileges by stopping the shstart.exe process and open β€œWeb Self-Service” from the system tray icon, which will open a browser window running with elevated privileges. NOTE: several third-party researchers have noted that administrator privileges may be necessary to terminate shstart.exe. If this is the case, then no privilege escalation occurs, and this is not a vulnerability

7.7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%