CVE-2015-3449
The CVE-2015-3449 entry concerns the Windows client of SAP Afaria 7.0.6398.0. A root cause is insecure/permissive file permissions on the install folder (Everyone: read and Everyone: write), which enables a local attacker to gain privileges via a Trojan horse XeService.exe file. This describes a ...