MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: flexera
Published: 2006-11-17T22:00:00
Updated: 2018-10-17T20:57:01
Reserved: 2006-11-17T00:00:00
Link: CVE-2006-5968
JSON object: View
NVD Information
Status : Modified
Published: 2006-11-17T22:07:00.000
Modified: 2018-10-17T21:46:09.437
Link: CVE-2006-5968
JSON object: View
Redhat Information
No data.
CWE