Vulnerability Description
Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2) modify arbitrary configuration via the RunAdmin services (SLRAserver.exe and SLRAclient.exe).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scriptlogic | Scriptlogic | 4.1 |
References
- http://www.kb.cert.org/vuls/id/231705Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/609137Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/CRDY-5EXQRPThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/CRDY-5EXQSVThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7475Patch
- http://www.securityfocus.com/bid/7477Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11920
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11921
- http://www.kb.cert.org/vuls/id/231705Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/609137Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/CRDY-5EXQRPThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/CRDY-5EXQSVThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7475Patch
- http://www.securityfocus.com/bid/7477Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11920
FAQ
What is CVE-2003-1121?
CVE-2003-1121 is a vulnerability with a CVSS score of 10.0 (HIGH). Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the Scri...
How severe is CVE-2003-1121?
CVE-2003-1121 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1121?
Check the references section above for vendor advisories and patch information. Affected products include: Scriptlogic Scriptlogic.