CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3784

Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.8%

CVSS Severity

CVSS v2 Score 7.2

References

http://secunia.com/advisories/21113
http://securityreason.com/securityalert/1261
http://www.digitalbullets.org/?p=3
http://www.securityfocus.com/archive/1/440448/100/0/threaded
http://www.vupen.com/english/advisories/2006/2874
http://secunia.com/advisories/21113
http://securityreason.com/securityalert/1261
http://www.digitalbullets.org/?p=3
http://www.securityfocus.com/archive/1/440448/100/0/threaded
http://www.vupen.com/english/advisories/2006/2874

Products affected by CVE-2006-3784

Symantec » Pcanywhere » Version: 12.5

cpe:2.3:a:symantec:pcanywhere:12.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3784

Products

Pricing

Contact Us