Lucene search

PRIOn knowledge basePRION:CVE-2006-0948

HistoryAug 21, 2006 - 6:04 p.m.

Design/Logic Flaw

2006-08-2118:04:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.4%

JSON

AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the “America Online 9.0” directory, which allows local users to gain privileges by replacing critical files.

CPENameOperatorVersion
aoleq9.0.41842340

CPE	Name	Operator	Version
	aol	eq	9.0.41842340

References

secunia.com/advisories/18734

secunia.com/secunia_research/2006-08

securityreason.com/securityalert/1416

securitytracker.com/id?1016717

www.osvdb.org/27995

www.securityfocus.com/archive/1/443622/100/0/threaded

www.securityfocus.com/bid/19583

www.vupen.com/english/advisories/2006/3317

exchange.xforce.ibmcloud.com/vulnerabilities/28445

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.4%

JSON

Related for PRION:CVE-2006-0948