Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe).
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=109846296406459&w=2 | |
http://secunia.com/advisories/12962 | Vendor Advisory |
http://www.securityfocus.com/bid/11500 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17838 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-20T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-02-20T00:00:00
Link: CVE-2004-1624
JSON object: View
NVD Information
Status : Modified
Published: 2004-10-21T04:00:00.000
Modified: 2017-07-11T01:31:12.043
Link: CVE-2004-1624
JSON object: View
Redhat Information
No data.
CWE