Vulnerabilities > CVE-2006-0948 - Local Privilege Escalation vulnerability in AOL 9.04184.2340
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files. AOL has released fixes to address this issue. These fixes can be automatically applied by logging in to the service.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/18734
- http://secunia.com/secunia_research/2006-08
- http://securityreason.com/securityalert/1416
- http://securitytracker.com/id?1016717
- http://www.osvdb.org/27995
- http://www.securityfocus.com/archive/1/443622/100/0/threaded
- http://www.securityfocus.com/bid/19583
- http://www.vupen.com/english/advisories/2006/3317
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28445