PT-2013-4431 · Infotecs · Vipnet Personal Firewall+3
Published
2013-05-22
·
Updated
2013-05-22
·
CVE-2013-3496
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Infotecs ViPNet Client versions 3.2.10 and earlier
Infotecs ViPNet Coordinator versions 3.2.10 and earlier
Infotecs ViPNet Personal Firewall versions 3.1 and earlier
Infotecs ViPNet SafeDisk versions 4.1 and earlier
Description
The issue allows local users to gain privileges via a Trojan horse executable file or DLL file due to weak permissions for a folder under %PROGRAMFILES%Infotecs.
Recommendations
For Infotecs ViPNet Client versions 3.2.10 and earlier, update to a version later than 3.2.10.
For Infotecs ViPNet Coordinator versions 3.2.10 and earlier, update to a version later than 3.2.10.
For Infotecs ViPNet Personal Firewall versions 3.1 and earlier, update to a version later than 3.1.
For Infotecs ViPNet SafeDisk versions 4.1 and earlier, update to a version later than 4.1.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vipnet Client
Vipnet Coordinator
Vipnet Personal Firewall
Vipnet Safedisk