Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
References
Link | Resource |
---|---|
http://secunia.com/advisories/13577 | Patch Vendor Advisory |
http://secunia.com/secunia_research/2004-20/advisory/ | Patch Vendor Advisory |
http://www.securityfocus.com/bid/12842 | Patch Vendor Advisory |
http://www.webroot.com/services/mfp_advisory.php | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-03-18T05:00:00
Updated: 2005-03-25T10:00:00
Reserved: 2005-02-23T00:00:00
Link: CVE-2005-0515
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-05-18T04:00:00.000
Modified: 2008-09-05T20:46:31.647
Link: CVE-2005-0515
JSON object: View
Redhat Information
No data.
CWE