Vulnerability Description
The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alt-N | Mdaemon | 6.8.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-11/0385.htmlExploit
- http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.htmlExploit
- http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html
- http://secunia.com/advisories/13225Vendor Advisory
- http://securitytracker.com/id?1012350Exploit
- http://www.osvdb.org/12158
- http://www.securityfocus.com/bid/11736
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18287
- http://archives.neohapsis.com/archives/bugtraq/2004-11/0385.htmlExploit
- http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.htmlExploit
- http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html
- http://secunia.com/advisories/13225Vendor Advisory
- http://securitytracker.com/id?1012350Exploit
- http://www.osvdb.org/12158
- http://www.securityfocus.com/bid/11736
FAQ
What is CVE-2004-2504?
CVE-2004-2504 is a vulnerability with a CVSS score of 7.2 (HIGH). The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with phy...
How severe is CVE-2004-2504?
CVE-2004-2504 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2504?
Check the references section above for vendor advisories and patch information. Affected products include: Alt-N Mdaemon.