Vulnerabilities > CVE-2005-2382 - Local Privilege Escalation vulnerability in Oray Peanuthull 3.0.1.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

oray

NVD

Published: 2005-07-26

Updated: 2016-10-18

Summary

Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality.

Vulnerable Configurations

Part	Description	Count
Application	Oray Oray Peanuthull 3.0.1.0	1

References

http://marc.info/?l=bugtraq&m=112190569628213&w=2
http://secunia.com/advisories/16124
http://secway.org/advisory/AD20050720EN.txt
http://www.securityfocus.com/bid/14330