CVE-2006-5968

Loading...

General

Score:4.6/10.0
Severity:Low
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Published on 17/11/06 - Updated on 20/07/17

Description

MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2006-5968

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
alt-nmdaemon

Share this vulnerability with:

Twitter Facebook LinkedIn Mail