Lucene search

PRIOn knowledge basePRION:CVE-2006-1381

HistoryMar 24, 2006 - 11:02 a.m.

Code injection

2006-03-2411:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.1%

JSON

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.

CPENameOperatorVersion
officescaneq5.5

CPE	Name	Operator	Version
	officescan	eq	5.5

References

secunia.com/advisories/11576

www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english

www.vupen.com/english/advisories/2006/1041

exchange.xforce.ibmcloud.com/vulnerabilities/25415

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.1%

JSON

Related for PRION:CVE-2006-1381

cve1