Lucene search

[email protected]CVE-2004-1313

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1313

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1313

smc.exe

my firewall plus

privilege escalation

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.

Affected configurations

NVD

Node

webroot_softwaremy_firewall_plusMatch5.0

CPENameOperatorVersion
webroot_software:my_firewall_pluswebroot software my firewall pluseq5.0

CPE	Name	Operator	Version
webroot_software:my_firewall_plus	webroot software my firewall plus	eq	5.0

References

secunia.com/secunia_research/2004-16/

exchange.xforce.ibmcloud.com/vulnerabilities/18622

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2004-1313

cvelist1 nvd1