CVE-2006-5968

EPSS 0.4%
Veröffentlicht 17.11.2006 22:07:00
Zuletzt bearbeitet 16.06.2026 22:32:13
Quelle PSIRT-CNA@flexerasoftware.com
CVE-Watchlists
Login
Unerledigt
Login

MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

NVD 4 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Alt-n ≫ Mdaemon Version9.0.5

Alt-n ≫ Mdaemon Version9.0.6

Alt-n ≫ Mdaemon Version9.51

Alt-n ≫ Mdaemon Version9.53

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.4%	0.312

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/21554

http://secunia.com/secunia_research/2006-67/advisory/

Vendor Advisory

http://securityreason.com/securityalert/1890

http://securitytracker.com/id?1017238

http://www.securityfocus.com/archive/1/451821/100/100/threaded

http://www.vupen.com/english/advisories/2006/4538

https://exchange.xforce.ibmcloud.com/vulnerabilities/30331

https://nvd.nist.gov/vuln/detail/CVE-2006-5968

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5968

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5968

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-5968