Vulnerabilities > CVE-2004-1313 - Local Security vulnerability in Webroot Software MY Firewall Plus 5.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

webroot-software

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Webroot_Software Webroot Software MY Firewall Plus 5.0	1

References

http://secunia.com/secunia_research/2004-16/
https://exchange.xforce.ibmcloud.com/vulnerabilities/18622