CVE-2004-2329
Summary
| CVE | CVE-2004-2329 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-12-31 05:00:00 UTC |
| Updated | 2017-07-11 01:31:00 UTC |
| Description | Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Kerio | Personal Firewall | 2.1.5 | All | All | All |
| Application | Kerio | Personal Firewall | 2.1.5 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Not Found | MISC | www.tuneld.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| 3748 | OSVDB | www.osvdb.org | |
| 404 Not Found | MISC | www.tuneld.com | Exploit |
| Kerio Personal Firewall Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | |
| Secunia - Advisories - Kerio Personal Firewall Privilege Escalation Vulnerability | SECUNIA | secunia.com | Vendor Advisory |
| SecurityTracker.com Archives - Kerio Personal Firewall Administration Menu Lets Local Users Run Applications With SYSTEM Privileges | SECTRACK | www.securitytracker.com | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.