Vulnerability Description
Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oray | Peanuthull | 3.0.1.0 |
References
- http://marc.info/?l=bugtraq&m=112190569628213&w=2
- http://secunia.com/advisories/16124
- http://secway.org/advisory/AD20050720EN.txtExploitVendor Advisory
- http://www.securityfocus.com/bid/14330
- http://marc.info/?l=bugtraq&m=112190569628213&w=2
- http://secunia.com/advisories/16124
- http://secway.org/advisory/AD20050720EN.txtExploitVendor Advisory
- http://www.securityfocus.com/bid/14330
FAQ
What is CVE-2005-2382?
CVE-2005-2382 is a vulnerability with a CVSS score of 7.2 (HIGH). Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality.
How severe is CVE-2005-2382?
CVE-2005-2382 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2382?
Check the references section above for vendor advisories and patch information. Affected products include: Oray Peanuthull.