Vulnerability Description
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Webroot Software | My Firewall Plus | 5.0 |
References
- http://secunia.com/advisories/13577PatchVendor Advisory
- http://secunia.com/secunia_research/2004-20/advisory/PatchVendor Advisory
- http://www.securityfocus.com/bid/12842PatchVendor Advisory
- http://www.webroot.com/services/mfp_advisory.phpPatchVendor Advisory
- http://secunia.com/advisories/13577PatchVendor Advisory
- http://secunia.com/secunia_research/2004-20/advisory/PatchVendor Advisory
- http://www.securityfocus.com/bid/12842PatchVendor Advisory
- http://www.webroot.com/services/mfp_advisory.phpPatchVendor Advisory
FAQ
What is CVE-2005-0515?
CVE-2005-0515 is a vulnerability with a CVSS score of 2.1 (LOW). Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary fi...
How severe is CVE-2005-0515?
CVE-2005-0515 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0515?
Check the references section above for vendor advisories and patch information. Affected products include: Webroot Software My Firewall Plus.