Vulnerability CVE-2006-1379


Published: 2006-03-24   Modified: 2012-02-12

Description:
Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs such as (1) tmntsrv.exe and (2) tmproxy.exe.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Trend micro -> Pc-cillin 2006 

 References:
http://secunia.com/advisories/19282
http://www.vupen.com/english/advisories/2006/1042
http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_lang=english

Copyright 2024, cxsecurity.com

 

Back to Top