Dantz · Dantz Retrospect Client · CVE-2003-0490
Name of the Vulnerable Software and Affected Versions:
Dantz Retrospect Client version 5.0.540
Dantz Retrospect Client (affected versions not specified, possibly other versions than 5.0.540)
Description:
The issue allows local users to gain privileges as other users by replacing programs with malicious code due to world-writable permissions on critical directories and files created during the installation of the software.
Recommendations:
For version 5.0.540, consider changing the permissions of the critical directories and files to prevent world-writable access until a patch is available.
For other possibly affected versions, at the moment, there is no information about a newer version that contains a fix for this issue.