mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
97 lines
3.0 KiB
JSON
97 lines
3.0 KiB
JSON
{
|
|
"id": "CVE-2006-2154",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2006-05-03T10:02:00.000",
|
|
"lastModified": "2017-07-20T01:31:13.583",
|
|
"vulnStatus": "Modified",
|
|
"evaluatorSolution": "Apply Retrospect Driver Update 7.5.1.105.\r\nApply Application Security Update 7.0.344 (requires Retrospect 7.0.326 or Retrospect Express 7.0.301).\r\nApply Application Security Update 6.5.382 (requires Retrospect 6.5.350 or Retrospect Express 6.5.350).",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.2
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:emc:retrospect:*:*:windows:*:*:*:*:*",
|
|
"versionEndIncluding": "6.5",
|
|
"matchCriteriaId": "A891F97C-905B-4B59-9BEE-78967D3FC036"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:emc:retrospect:*:*:windows:*:*:*:*:*",
|
|
"versionEndIncluding": "7.0",
|
|
"matchCriteriaId": "B81A28AB-E359-4F07-813C-82CF5E5BBF1B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:emc:retrospect:*:*:windows:*:*:*:*:*",
|
|
"versionEndIncluding": "7.5",
|
|
"matchCriteriaId": "289D648B-DE4F-46C9-935A-5A539C28BD37"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/17798",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/1612",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26226",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |