Vulnerability Description
nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bakbone | Netvault | 7.1.1 |
References
- http://marc.info/?l=bugtraq&m=111464410324243&w=2
- http://secunia.com/advisories/15158/
- http://www.osvdb.org/15900
- http://www.securityfocus.com/bid/13408Exploit
- http://www.vupen.com/english/advisories/2005/0420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20302
- http://marc.info/?l=bugtraq&m=111464410324243&w=2
- http://secunia.com/advisories/15158/
- http://www.osvdb.org/15900
- http://www.securityfocus.com/bid/13408Exploit
- http://www.vupen.com/english/advisories/2005/0420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20302
FAQ
What is CVE-2005-1372?
CVE-2005-1372 is a vulnerability with a CVSS score of 4.6 (MEDIUM). nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.
How severe is CVE-2005-1372?
CVE-2005-1372 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1372?
Check the references section above for vendor advisories and patch information. Affected products include: Bakbone Netvault.