CVE-2004-1149

3 documents3 sources
Severity
7.2HIGH
EPSS
0.1%
top 82.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom Etrust EZ Antivirus
Timeline
PublishedJan 10
Latest updateApr 29

Description

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDbroadcom/etrust_ez_antivirus10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-3x36-8c4c-qcgh: Computer Associates eTrust EZ Antivirus 72022-04-29
CVEList
CVE-2004-1149: Computer Associates eTrust EZ Antivirus 72004-12-22
CVE-2004-1149 (HIGH CVSS 7.2) | Computer Associates eTrust EZ Antiv | cvebase.io