CVE-2007-5254

2007-10-0617:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe.

References

lists.grok.org.uk/pipermail/full-disclosure/2007-October/066313.html

osvdb.org/37991

secunia.com/advisories/27094

www.anti-virus.by/en/

www.securityfocus.com/bid/25930