2 matches found
CVE-2005-2482
CVE-2005-2482 affects Metasploit Framework 2.4 and earlier (msfweb StateToOptions). The vulnerability occurs when running with -D (defanged mode): an attacker could modify temporary environment variables before the _Defanged check is performed while processing the Exploit command. NVD lists a Bas...
CVE-2011-1056
Metasploit Framework Local Privilege Escalation (CVE-2011-1056): on Windows, the Metasploit installer uses weak inherited permissions for the installation directory, enabling local users to replace critical files with a Trojan horse and gain privileges. Based on NVD/OpenVAS records, this is a loc...