ID CVE-2005-0515
Summary Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
References
Vulnerable Configurations
  • cpe:2.3:a:webroot_software:my_firewall_plus:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:webroot_software:my_firewall_plus:5.0:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 05-09-2008 - 20:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 12842
confirm http://www.webroot.com/services/mfp_advisory.php
misc http://secunia.com/secunia_research/2004-20/advisory/
secunia 13577
Last major update 05-09-2008 - 20:46
Published 18-05-2005 - 04:00
Back to Top