Lucene search

[email protected]NVD:CVE-2004-2676

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2676

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges.

Affected configurations

NVD

Node

webroot_softwarespy_sweeper_enterpriseMatch1.5.1_build_3698

References

secunia.com/advisories/13187

secunia.com/secunia_research/2004-14/advisory/

securitytracker.com/id?1012652

www.osvdb.org/12534

exchange.xforce.ibmcloud.com/vulnerabilities/18628

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2004-2676

securityvulns1 cve1 cvelist1