Vulnerability Details CVE-2007-5254
VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.2%
CVSS Severity
CVSS v2 Score 7.2
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066313.html
- http://osvdb.org/37991
- http://secunia.com/advisories/27094
- http://www.anti-virus.by/en/
- http://www.securityfocus.com/bid/25930
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066313.html
- http://osvdb.org/37991
- http://secunia.com/advisories/27094
- http://www.anti-virus.by/en/
- http://www.securityfocus.com/bid/25930
Products affected by CVE-2007-5254
-
cpe:2.3:a:virusblokada:vba32_antivirus:3.12.2