Vulnerabilities > Absolute > Computrace Agent > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-11 CVE-2009-5152 Race Condition vulnerability in Absolute Computrace Agent
Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file.
local
high complexity
absolute CWE-362
4.1
2018-05-11 CVE-2009-5151 Improper Access Control vulnerability in Absolute Computrace Agent 70.785
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS.
local
low complexity
absolute CWE-284
6.7
2018-05-11 CVE-2009-5150 Improper Access Control vulnerability in Absolute Computrace Agent 80.845/80.866
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space.
local
low complexity
absolute CWE-284
6.7