Lucene search

[email protected]CVE-2006-6961

HistoryJan 29, 2007 - 4:28 p.m.

CVE-2006-6961

2007-01-2916:28:00

[email protected]

web.nvd.nist.gov

webroot

spy sweeper

malware detection

file contents

bypass

remote attackers

cve-2006-6961

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.7%

JSON

WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file’s name.

Affected configurations

NVD

Node

webroot_softwarespy_sweeperRange≤4.5.9

CPENameOperatorVersion
webroot_software:spy_sweeperwebroot software spy sweeperle4.5.9

CPE	Name	Operator	Version
webroot_software:spy_sweeper	webroot software spy sweeper	le	4.5.9

References

www.osvdb.org/27538

www.securityfocus.com/archive/1/437814/100/200/threaded

www.sentinel.gr/advisories/SGA-0001.txt

exchange.xforce.ibmcloud.com/vulnerabilities/27272

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.7%

JSON

Related for CVE-2006-6961

nvd1 cvelist1 securityvulns1