Vulnerability Description
The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Webroot Software | My Firewall Plus | 5.0 |
References
- http://secunia.com/secunia_research/2004-16/Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18622
- http://secunia.com/secunia_research/2004-16/Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18622
FAQ
What is CVE-2004-1313?
CVE-2004-1313 is a vulnerability with a CVSS score of 7.2 (HIGH). The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.
How severe is CVE-2004-1313?
CVE-2004-1313 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1313?
Check the references section above for vendor advisories and patch information. Affected products include: Webroot Software My Firewall Plus.