Privilege Escalation in Kaspersky Anti-Spam Application Files
CVE-2007-4206

Currently unrated

Key Information:

Vendor: kaspersky
Status: Kaspersky Anti-spam
Vendor: CVE Published:; 8 August 2007

Summary

Kaspersky Anti-Spam 3.0 MP1, prior to the Critical Fix 2 (version 3.0.278.4), contains an issue where incorrect file permissions are set during certain upgrade scenarios. This vulnerability allows local users to potentially elevate their privileges, granting them unauthorized access to sensitive areas of the application. It is crucial for users of Kaspersky Anti-Spam to promptly apply safeguards and updates to mitigate risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/25189

vdb-entryx_refsource_BID

http://www.kaspersky.com/technews?id=203038705

x_refsource_CONFIRM

http://secunia.com/advisories/26312

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Aug 8, 2007
Vulnerability Reserved
Aug 7, 2007