Lucene search

[email protected]NVD:CVE-2004-1624

HistoryOct 21, 2004 - 4:00 a.m.

CVE-2004-1624

2004-10-2104:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe).

Affected configurations

Nvd

Node

altiriscarbon_copyMatch5.0

altiriscarbon_copyMatch6.0

VendorProductVersionCPE
altiriscarbon_copy5.0cpe:2.3:a:altiris:carbon_copy:5.0:*:*:*:*:*:*:*
altiriscarbon_copy6.0cpe:2.3:a:altiris:carbon_copy:6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
altiris	carbon_copy	5.0	cpe:2.3:a:altiris:carbon_copy:5.0:::::::*
altiris	carbon_copy	6.0	cpe:2.3:a:altiris:carbon_copy:6.0:::::::*

References

marc.info/?l=bugtraq&m=109846296406459&w=2

secunia.com/advisories/12962

www.securityfocus.com/bid/11500

exchange.xforce.ibmcloud.com/vulnerabilities/17838

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2004-1624

cvelist1 cve1