CVE-2006-1380

Sažetak

ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe.

Reference

http://secunia.com/advisories/19022
http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english
http://www.vupen.com/english/advisories/2006/1041
https://exchange.xforce.ibmcloud.com/vulnerabilities/25415

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

24-03-2006 - 11:02