Vulnerability Description
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eset Software | Nod32 Antivirus | 2.5 |
References
- http://secunia.com/advisories/19054PatchVendor Advisory
- http://secunia.com/secunia_research/2006-17/advisory/
- http://www.osvdb.org/24394
- http://www.vupen.com/english/advisories/2006/1242
- http://secunia.com/advisories/19054PatchVendor Advisory
- http://secunia.com/secunia_research/2006-17/advisory/
- http://www.osvdb.org/24394
- http://www.vupen.com/english/advisories/2006/1242
FAQ
What is CVE-2006-0951?
CVE-2006-0951 is a vulnerability with a CVSS score of 7.2 (HIGH). The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecif...
How severe is CVE-2006-0951?
CVE-2006-0951 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0951?
Check the references section above for vendor advisories and patch information. Affected products include: Eset Software Nod32 Antivirus.