CVE-2006-3784

2006-07-2121:00:00

mitre

www.cve.org

AI Score

6.6

Confidence

High

EPSS

Percentile

9.5%

JSON

Symantec pcAnywhere 12.5 uses weak default permissions for the “Symantec\pcAnywhere\Hosts” folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.

References

secunia.com/advisories/21113

securityreason.com/securityalert/1261

www.digitalbullets.org/?p=3

www.securityfocus.com/archive/1/440448/100/0/threaded

www.vupen.com/english/advisories/2006/2874