Design/Logic Flaw

2012-05-0123:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: Full Control) for the %COMMONPROGRAMFILES%\Quest Shared directory, which allows local users to gain privileges via a Trojan horse file.

CPENameOperatorVersion
toad_for_data_analystseq3.0.1

CPE	Name	Operator	Version
	toad_for_data_analysts	eq	3.0.1

References

secunia.com/advisories/48663

secunia.com/secunia_research/2012-13/

www.securityfocus.com/bid/53276

exchange.xforce.ibmcloud.com/vulnerabilities/75192