CVE-2004-2504

high

Description

The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18287

http://www.securityfocus.com/bid/11736

http://www.osvdb.org/12158

http://secunia.com/advisories/13225

http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High