Lucene search

[email protected]NVD:CVE-2005-2382

HistoryJul 26, 2005 - 4:00 a.m.

CVE-2005-2382

2005-07-2604:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality.

Affected configurations

Nvd

Node

oraypeanuthullMatch3.0.1.0

VendorProductVersionCPE
oraypeanuthull3.0.1.0cpe:2.3:a:oray:peanuthull:3.0.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oray	peanuthull	3.0.1.0	cpe:2.3:a:oray:peanuthull:3.0.1.0:::::::*

References

marc.info/?l=bugtraq&m=112190569628213&w=2

secunia.com/advisories/16124

secway.org/advisory/AD20050720EN.txt

www.securityfocus.com/bid/14330

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2005-2382

cvelist1 cve1