Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities by webroot_software
CVE-2006-6959 (GCVE-0-2006-6959)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security restrictions by modifying certain registry keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27535 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27535"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27535"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27535"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6959",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6961 (GCVE-0-2006-6961)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27538 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:06.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27538"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file\u0027s name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27538"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file\u0027s name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27538"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6961",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:06.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6960 (GCVE-0-2006-6960)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/27536 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27536"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27536"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27536"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6960",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3198 (GCVE-0-2005-3198)
Vulnerability from nvd – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/15745/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/15016 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2005/1973 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/55 | third-party-advisoryx_refsource_SREASON |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://support.webroot.com/ics/support/KBAnswer.a… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1015012 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/19869 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/secunia_research/2005-10/advisory/ | x_refsource_MISC |
Date Public
2005-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19869"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19869"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"name": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332",
"refsource": "CONFIRM",
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19869"
},
{
"name": "http://secunia.com/secunia_research/2005-10/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3198",
"datePublished": "2005-10-14T04:00:00.000Z",
"dateReserved": "2005-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3197 (GCVE-0-2005-3197)
Vulnerability from nvd – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/15745/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/15016 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2005/1973 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/19868 | vdb-entryx_refsource_OSVDB |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://support.webroot.com/ics/support/KBAnswer.a… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1015012 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2005-10/advisory/ | x_refsource_MISC |
Date Public
2005-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"name": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332",
"refsource": "CONFIRM",
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"name": "http://secunia.com/secunia_research/2005-10/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3197",
"datePublished": "2005-10-14T04:00:00.000Z",
"dateReserved": "2005-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0515 (GCVE-0-2005-0515)
Vulnerability from nvd – Published: 2005-03-18 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.webroot.com/services/mfp_advisory.php | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/12842 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/13577 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/secunia_research/2004-20/advisory/ | x_refsource_MISC |
Date Public
2005-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13577"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-25T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13577"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0515",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.webroot.com/services/mfp_advisory.php",
"refsource": "CONFIRM",
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13577"
},
{
"name": "http://secunia.com/secunia_research/2004-20/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0515",
"datePublished": "2005-03-18T05:00:00.000Z",
"dateReserved": "2005-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1313 (GCVE-0-2004-1313)
Vulnerability from nvd – Published: 2004-12-22 05:00 – Updated: 2024-08-08 00:46
VLAI
Summary
The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2004-16/ | x_refsource_MISC |
Date Public
2004-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-16/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-16/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"name": "http://secunia.com/secunia_research/2004-16/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-16/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1313",
"datePublished": "2004-12-22T05:00:00.000Z",
"dateReserved": "2004-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:46:12.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2676 (GCVE-0-2004-2676)
Vulnerability from nvd – Published: 2007-01-29 16:00 – Updated: 2024-08-08 01:36
VLAI
Summary
The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/secunia_research/2004-14/advisory/ | x_refsource_MISC |
| http://secunia.com/advisories/13187 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1012652 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/12534 | vdb-entryx_refsource_OSVDB |
Date Public
2004-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2004-14/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2676",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6959 (GCVE-0-2006-6959)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security restrictions by modifying certain registry keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27535 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27535"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27535"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the \"Startup-Shield\" security restrictions by modifying certain registry keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "spy-sweeper-registry-security-bypass(27264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27264"
},
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27535",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27535"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6959",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6961 (GCVE-0-2006-6961)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/27538 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:06.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27538"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file\u0027s name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27538"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file\u0027s name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "27538",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27538"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
},
{
"name": "spy-sweeper-filename-security-bypass(27272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6961",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:06.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6960 (GCVE-0-2006-6960)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-07 20:50
VLAI
Summary
The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/437814/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/27536 | vdb-entryx_refsource_OSVDB |
| http://www.sentinel.gr/advisories/SGA-0001.txt | x_refsource_MISC |
Date Public
2006-06-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:04.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27536"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27536"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060620 Multiple Bypass and Integrity Lost Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437814/100/200/threaded"
},
{
"name": "spy-sweeper-archive-security-bypass(27266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27266"
},
{
"name": "27536",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27536"
},
{
"name": "http://www.sentinel.gr/advisories/SGA-0001.txt",
"refsource": "MISC",
"url": "http://www.sentinel.gr/advisories/SGA-0001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6960",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:50:04.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2676 (GCVE-0-2004-2676)
Vulnerability from cvelistv5 – Published: 2007-01-29 16:00 – Updated: 2024-08-08 01:36
VLAI
Summary
The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/secunia_research/2004-14/advisory/ | x_refsource_MISC |
| http://secunia.com/advisories/13187 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1012652 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/12534 | vdb-entryx_refsource_OSVDB |
Date Public
2004-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2004-14/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-14/advisory/"
},
{
"name": "13187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13187"
},
{
"name": "spy-sweeper-gain-privileges(18628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18628"
},
{
"name": "1012652",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012652"
},
{
"name": "12534",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2676",
"datePublished": "2007-01-29T16:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3198 (GCVE-0-2005-3198)
Vulnerability from cvelistv5 – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/15745/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/15016 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2005/1973 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/55 | third-party-advisoryx_refsource_SREASON |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://support.webroot.com/ics/support/KBAnswer.a… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1015012 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/19869 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/secunia_research/2005-10/advisory/ | x_refsource_MISC |
Date Public
2005-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19869"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19869"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "webroot-deviceiocontrol-bypass-security(22530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22530"
},
{
"name": "55",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/55"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"name": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332",
"refsource": "CONFIRM",
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "19869",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19869"
},
{
"name": "http://secunia.com/secunia_research/2005-10/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3198",
"datePublished": "2005-10-14T04:00:00.000Z",
"dateReserved": "2005-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3197 (GCVE-0-2005-3197)
Vulnerability from cvelistv5 – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/15745/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/15016 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2005/1973 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/19868 | vdb-entryx_refsource_OSVDB |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://support.webroot.com/ics/support/KBAnswer.a… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1015012 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2005-10/advisory/ | x_refsource_MISC |
Date Public
2005-10-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15745/"
},
{
"name": "15016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15016"
},
{
"name": "ADV-2005-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1973"
},
{
"name": "19868",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19868"
},
{
"name": "20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0129.html"
},
{
"name": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332",
"refsource": "CONFIRM",
"url": "http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332"
},
{
"name": "1015012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015012"
},
{
"name": "webroot-pwiwrapper-bo(22529)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22529"
},
{
"name": "http://secunia.com/secunia_research/2005-10/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-10/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3197",
"datePublished": "2005-10-14T04:00:00.000Z",
"dateReserved": "2005-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0515 (GCVE-0-2005-0515)
Vulnerability from cvelistv5 – Published: 2005-03-18 05:00 – Updated: 2024-08-07 21:13
VLAI
Summary
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.webroot.com/services/mfp_advisory.php | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/12842 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/13577 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/secunia_research/2004-20/advisory/ | x_refsource_MISC |
Date Public
2005-03-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13577"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-25T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13577"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0515",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.webroot.com/services/mfp_advisory.php",
"refsource": "CONFIRM",
"url": "http://www.webroot.com/services/mfp_advisory.php"
},
{
"name": "12842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12842"
},
{
"name": "13577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13577"
},
{
"name": "http://secunia.com/secunia_research/2004-20/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-20/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0515",
"datePublished": "2005-03-18T05:00:00.000Z",
"dateReserved": "2005-02-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1313 (GCVE-0-2004-1313)
Vulnerability from cvelistv5 – Published: 2004-12-22 05:00 – Updated: 2024-08-08 00:46
VLAI
Summary
The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/secunia_research/2004-16/ | x_refsource_MISC |
Date Public
2004-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-16/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-16/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "my-firewall-plus-gain-privileges(18622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18622"
},
{
"name": "http://secunia.com/secunia_research/2004-16/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-16/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1313",
"datePublished": "2004-12-22T05:00:00.000Z",
"dateReserved": "2004-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:46:12.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}