Lucene search

[email protected]CVE-2007-4206

HistoryAug 08, 2007 - 2:17 a.m.

CVE-2007-4206

2007-08-0802:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

kaspersky

anti-spam

cve-2007-4206

nvd

upgrade

permissions

local users

privileges

7.4 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets incorrect permissions for application files in certain upgrade scenarios, which might allow local users to gain privileges.

CPENameOperatorVersion
kaspersky_lab:kaspersky_anti-spamkaspersky lab kaspersky anti-spamle3.0.274.0

CPE	Name	Operator	Version
kaspersky_lab:kaspersky_anti-spam	kaspersky lab kaspersky anti-spam	le	3.0.274.0

References

osvdb.org/37216

secunia.com/advisories/26312

www.kaspersky.com/technews?id=203038705

www.securityfocus.com/bid/25189

exchange.xforce.ibmcloud.com/vulnerabilities/35782

7.4 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-4206

prion1