Vulnerabilities > CVE-2004-1149 - Unspecified vulnerability in Broadcom Etrust EZ Antivirus

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

broadcom

NVD

Published: 2005-01-10

Updated: 2021-04-09

Summary

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.

Vulnerable Configurations

Part	Description	Count
Application	Broadcom Broadcom Etrust EZ Antivirus 7.0 Broadcom Etrust EZ Antivirus 7.0.1 Broadcom Etrust EZ Antivirus 7.0.1.1 Broadcom Etrust EZ Antivirus 7.0.1.2 Broadcom Etrust EZ Antivirus 7.0.1.3 Broadcom Etrust EZ Antivirus 7.0.1.4 Broadcom Etrust EZ Antivirus 7.0.2 Broadcom Etrust EZ Antivirus 7.0.2.1 Broadcom Etrust EZ Antivirus 7.0.3 Broadcom Etrust EZ Antivirus 7.0.4	10

Summary

Vulnerable Configurations

References