Vulnerability Description
My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| My Firewall Plus | My Firewall Plus | 5.0_build_1119 |
References
- http://secunia.com/advisories/21142Vendor Advisory
- http://secunia.com/secunia_research/2006-59/advisoryVendor Advisory
- http://securitytracker.com/id?1017267
- http://www.securityfocus.com/archive/1/452233/100/0/threaded
- http://www.securityfocus.com/bid/21228
- http://www.vupen.com/english/advisories/2006/4635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30476
- http://secunia.com/advisories/21142Vendor Advisory
- http://secunia.com/secunia_research/2006-59/advisoryVendor Advisory
- http://securitytracker.com/id?1017267
- http://www.securityfocus.com/archive/1/452233/100/0/threaded
- http://www.securityfocus.com/bid/21228
- http://www.vupen.com/english/advisories/2006/4635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30476
FAQ
What is CVE-2006-3973?
CVE-2006-3973 is a vulnerability with a CVSS score of 7.2 (HIGH). My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges.
How severe is CVE-2006-3973?
CVE-2006-3973 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3973?
Check the references section above for vendor advisories and patch information. Affected products include: My Firewall Plus My Firewall Plus.