PT-2005-4803 · Sunncomm · Sunncomm Mediamax Drm

Alex Stamos

Publicado

2005-12-08

Atualizado

2011-03-07

CVE-2005-4069

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SunnComm MediaMax DRM version 5.0.21.0

Description The issue allows local users to gain privileges by modifying programs installed in the "SunnComm Shared" directory, due to insecure permissions. Specifically, the SunnComm MediaMax DRM assigns Everyone/Full Control permissions to this directory, which can be exploited by modifying installed programs such as MMX.exe.

Recommendations For SunnComm MediaMax DRM version 5.0.21.0, consider restricting access to the "SunnComm Shared" directory to prevent local users from modifying installed programs and gaining privileges. As a temporary workaround, restrict write access to the MMX.exe program to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2005-4069

Produtos afetados

Sunncomm Mediamax Drm

PT-2005-4803 · Sunncomm · Sunncomm Mediamax Drm

CVE-2005-4069

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8