CVE-2006-1379 — HIGH (7.2) — White Hats Nepal

Q: How severe is CVE-2006-1379?

CVE-2006-1379 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-1379?

Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Pc-Cillin 2006.

Vulnerability Description

Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs such as (1) tmntsrv.exe and (2) tmproxy.exe.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Trend Micro	Pc-Cillin 2006	<= 14.10.0.1023

References

http://secunia.com/advisories/19282ExploitPatchVendor Advisory
http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_laExploitVendor AdvisoryURL Repurposed
http://www.vupen.com/english/advisories/2006/1042
http://secunia.com/advisories/19282ExploitPatchVendor Advisory
http://www.secumind.net/content/french/modules/news/article.php?storyid=9&sel_laExploitVendor AdvisoryURL Repurposed
http://www.vupen.com/english/advisories/2006/1042

FAQ

What is CVE-2006-1379?

CVE-2006-1379 is a vulnerability with a CVSS score of 7.2 (HIGH). Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs su...

How severe is CVE-2006-1379?

CVE-2006-1379 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1379?

Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Pc-Cillin 2006.