CVE-2006-2154

Sažetak

EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.

Reference

http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324
http://secunia.com/advisories/19850
http://www.securityfocus.com/bid/17798
http://www.vupen.com/english/advisories/2006/1612
https://exchange.xforce.ibmcloud.com/vulnerabilities/26226

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

03-05-2006 - 10:02