CVE-2009-4452
published 2009-12-29CVE-2009-4452: Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet…
PriorityP426medium6.8CVSS 2.0
AVLACLAuSCCICAC
EXPLOIT
EPSS
0.82%
52.7th percentile
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | — | — |
| kaspersky_lab | kaspersky_anti-virus | — | — |
| kaspersky_lab | kaspersky_anti-virus | — | — |
| kaspersky_lab | kaspersky_anti-virus_2009 | — | — |
| kaspersky_lab | kaspersky_anti-virus_2010 | — | — |
| kaspersky_lab | kaspersky_anti-virus_personal | — | — |
| kaspersky_lab | kaspersky_anti-virus_personal | — | — |
| kaspersky_lab | kaspersky_anti-virus_personal | — | — |
| kaspersky_lab | kaspersky_anti-virus_personal | — | — |
| kaspersky_lab | kaspersky_internet_security | — | — |
| kaspersky_lab | kaspersky_internet_security_2009 | — | — |
| kaspersky_lab | kaspersky_internet_security_2010 | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:L/AC:L/Au:S/C:C/I:C/A:C
vendor_redhat4.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h766-w7jj-3628: Kaspersky Anti-Virus 5
ghsa_unreviewed·2022-05-02
CVE-2009-4452 [MEDIUM] GHSA-h766-w7jj-3628: Kaspersky Anti-Virus 5
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.
Red Hat
mysql: regression of CVE-2009-4030
vendor_redhat·2012-09-27·CVSS 4.4
CVE-2012-4452 [MEDIUM] mysql: regression of CVE-2009-4030
mysql: regression of CVE-2009-4030
MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
Package: mysql (Red Hat Enterprise Linux 6) - Not affected
No detection rules found.
http://secunia.com/advisories/37398http://secunia.com/advisories/37730http://www.exploit-db.com/exploits/10484http://www.securityfocus.com/archive/1/508508/100/0/threadedhttp://www.securitytracker.com/id?1023366http://www.securitytracker.com/id?1023367http://www.vupen.com/english/advisories/2009/3573http://secunia.com/advisories/37398http://secunia.com/advisories/37730http://www.exploit-db.com/exploits/10484http://www.securityfocus.com/archive/1/508508/100/0/threadedhttp://www.securitytracker.com/id?1023366http://www.securitytracker.com/id?1023367http://www.vupen.com/english/advisories/2009/3573
2009-12-29
Published