CVE-2004-1149

Currently unrated

Key Information:

Vendor: Broadcom
Status: Etrust Ez Antivirus
Vendor: CVE Published:; 10 January 2005

Summary

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18502

vdb-entryx_refsource_XF

http://www.idefense.com/application/poi/display?id=164

third-party-advisoryx_refsource_IDEFENSE

http://crm.my-etrust.com/login.asp?username=guest&target=...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Dec 7, 2004