exploitDog

CVE-2006-4801

Опубликовано: 14 сент. 2006

Источник: nvd

CVSS2: 6.2

EPSS Низкий

Описание

Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges.

Ссылки

http://secunia.com/advisories/21867
Vendor Advisory
http://www.netragard.com/pdfs/research/ROXIO_RACE_NETRAGARD-20060624.txt
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/19955
http://www.vupen.com/english/advisories/2006/3608
http://secunia.com/advisories/21867
Vendor Advisory
http://www.netragard.com/pdfs/research/ROXIO_RACE_NETRAGARD-20060624.txt
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/19955
http://www.vupen.com/english/advisories/2006/3608

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:roxio:toast:7:*:titanium:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

6.2 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-8wjq-6h9j-428w

github

почти 4 года назад

Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges.

EPSS

Процентиль: 14%

0.00046

Низкий

6.2 Medium

CVSS2

Дефекты

CWE-362