Lucene search

PRIOn knowledge basePRION:CVE-2006-1380

HistoryMar 24, 2006 - 11:02 a.m.

Design/Logic Flaw

2006-03-2411:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe.

CPENameOperatorVersion
interscan_messaging_security_suiteeq5.5

CPE	Name	Operator	Version
	interscan_messaging_security_suite	eq	5.5

References

secunia.com/advisories/19022

www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english

www.vupen.com/english/advisories/2006/1041

exchange.xforce.ibmcloud.com/vulnerabilities/25415

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2006-1380

cve1