Vulnerability Description
Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Groove | Groove Workspace | <= 2.5n_build_1871 |
| Groove | Virtual Office | <= 3.1_build_2338 |
References
- http://secunia.com/advisories/15421PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/443370Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/JGEI-6BCRBXThird Party AdvisoryUS Government Resource
- http://secunia.com/advisories/15421PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/443370Third Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/JGEI-6BCRBXThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2005-1675?
CVE-2005-1675 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which...
How severe is CVE-2005-1675?
CVE-2005-1675 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1675?
Check the references section above for vendor advisories and patch information. Affected products include: Groove Groove Workspace, Groove Virtual Office.