Kde · Kdelibs · CVE-2003-0370
**Name of the Vulnerable Software and Affected Versions**
KDE versions 2.2.2 and earlier
kdelibs versions 2.2.2 and earlier
kdelibs-devel versions 2.2.2 and earlier
kdelibs-sound versions 2.2.2 and earlier
kdelibs-sound-devel versions 2.2.2 and earlier
**Description**
This entry covers multiple vulnerabilities in KDE and related packages that can lead to breaches of the confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. Specifically, Konqueror Embedded and KDE do not validate the Common Name (CN) field of X.509 certificates, which allows remote attackers to spoof certificates in a man-in-the-middle attack.
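The kind of name check the description says is missing, as an added Python example (not KDE's or Konqueror's code): it models a client that accepts any certificate with a valid chain beside one that also requires the certificate's name to match the requested host. Assumptions: the certificate dictionaries follow the shape returned by Python's `ssl` `getpeercert()`, the sample certificates and host names are constructed, and the subjectAltName precedence and wildcard handling go beyond the CN-only case the advisory names.

```python
def name_matches(pattern: str, host: str) -> bool:
    """Compare one certificate name with a host name, case-insensitively.

    A '*' is honoured only as the whole left-most label and covers exactly
    one label: '*.example.test' matches 'www.example.test' but neither
    'example.test' nor 'a.b.example.test'.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or not all(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return p[1:] == h[1:]
    return p == h


def cert_names(cert: dict) -> list:
    """Names the certificate vouches for: DNS subjectAltNames, else the CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]


def accept_without_name_check(cert: dict, host: str, chain_ok: bool) -> bool:
    """Model of the flaw: a valid chain is enough, the name is never compared."""
    return chain_ok


def accept_with_name_check(cert: dict, host: str, chain_ok: bool) -> bool:
    """Hardened: the chain must validate AND a certificate name must match."""
    return chain_ok and any(name_matches(n, host) for n in cert_names(cert))


# Constructed sample certificates (hypothetical names, not from the advisory).
OTHER_SITE_CERT = {"subject": ((("commonName", "other.example.net"),),)}
GOOD_CERT = {"subject": ((("commonName", "bank.example.test"),),)}
WILDCARD_CERT = {
    "subject": ((("commonName", "*.example.test"),),),
    "subjectAltName": (("DNS", "*.example.test"),),
}
```

With `chain_ok=True`, `OTHER_SITE_CERT` presented for `bank.example.test` passes the first function and is rejected by the second, which is the gap a man-in-the-middle relies on.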
**Recommendations**
For KDE versions 2.2.2 and earlier, consider updating to a newer version to mitigate the risk.
For kdelibs versions 2.2.2 and earlier, consider updating to a newer version to mitigate the risk.
For kdelibs-devel versions 2.2.2 and earlier, consider updating to a newer version to mitigate the risk.
For kdelibs-sound versions 2.2.2 and earlier, consider updating to a newer version to mitigate the risk.
For kdelibs-sound-devel versions 2.2.2 and earlier, consider updating to a newer version to mitigate the risk.
As a temporary workaround, consider restricting access to sensitive information and implementing additional security measures to minimize the risk of exploitation.