Vulnerability Details : CVE-2007-4649
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe.
Products affected by CVE-2007-4649
- cpe:2.3:a:microworld_technologies:escan_anti-virus:9.0.722.1:*:*:*:*:*:*:*
- cpe:2.3:a:microworld_technologies:escan_internet_security:9.0.722.1:*:*:*:*:*:*:*
- cpe:2.3:a:microworld_technologies:escan_virus_control:9.0.722.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4649
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-4649
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2007-4649
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4649
Jump to