Lucene search

[email protected]CVE-2005-0515

HistoryMay 18, 2005 - 4:00 a.m.

CVE-2005-0515

2005-05-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0515

smc.exe

my firewall plus

log viewer

local users

file corruption

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.

Affected configurations

NVD

Node

webroot_softwaremy_firewall_plusMatch5.0

CPENameOperatorVersion
webroot_software:my_firewall_pluswebroot software my firewall pluseq5.0

CPE	Name	Operator	Version
webroot_software:my_firewall_plus	webroot software my firewall plus	eq	5.0

References

secunia.com/advisories/13577

secunia.com/secunia_research/2004-20/advisory/

www.securityfocus.com/bid/12842

www.webroot.com/services/mfp_advisory.php

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-0515

nvd1 cvelist1