SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Sunncomm
  • Mediamax Drm

Configuration 1 [-]

cpe:2.3:a:sunncomm:mediamax_drm:5.0.21.0:*:*:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/17933 Patch Vendor Advisory
http://securitytracker.com/id?1015327
http://www.eff.org/IP/DRM/Sony-BMG/MediaMaxVulnerabilityReport.pdf Exploit Vendor Advisory
http://www.eff.org/news/archives/2005_12.php#004234
http://www.kb.cert.org/vuls/id/928689 US Government Resource
http://www.securityfocus.com/bid/15754
http://www.vupen.com/english/advisories/2005/2783 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-12-08T01:00:00

Updated: 2005-12-12T10:00:00

Reserved: 2005-12-08T00:00:00

Link: CVE-2005-4069

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2005-12-08T01:03:00.000

Modified: 2011-03-07T05:00:00.000

Link: CVE-2005-4069

JSON object: View

cve-icon Redhat Information

No data.

CWE