Vulnerabilities > CVE-2006-2154 - Local Privilege Escalation vulnerability in EMC Dantz Retrospect Backup Server
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. Apply Retrospect Driver Update 7.5.1.105. Apply Application Security Update 7.0.344 (requires Retrospect 7.0.326 or Retrospect Express 7.0.301). Apply Application Security Update 6.5.382 (requires Retrospect 6.5.350 or Retrospect Express 6.5.350).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |