Webroot My Firewall Local Insecure File Creation Vulnerability
BID:12842
Info
Webroot My Firewall Local Insecure File Creation Vulnerability
| Bugtraq ID: | 12842 |
| Class: | Access Validation Error |
| CVE: |
CVE-2005-0515 CVE-2005-0515 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 18 2005 12:00AM |
| Updated: | Mar 19 2015 08:50AM |
| Credit: | Carsten Eiram is credited with the discovery of this issue. |
| Vulnerable: |
Webroot Software My Firewall Plus 5.0 |
| Not Vulnerable: | |
Discussion
Webroot My Firewall Local Insecure File Creation Vulnerability
A local insecure file creation vulnerability affects Webroot My Firewall. This issue is due to an access validation issue that allows an unprivileged user to create files with escalated privileges.
This issue may be exploited by a local attacker to corrupt arbitrary files on an affected computer with SYSTEM privileges.
A local insecure file creation vulnerability affects Webroot My Firewall. This issue is due to an access validation issue that allows an unprivileged user to create files with escalated privileges.
This issue may be exploited by a local attacker to corrupt arbitrary files on an affected computer with SYSTEM privileges.
Exploit / POC
Webroot My Firewall Local Insecure File Creation Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
Webroot My Firewall Local Insecure File Creation Vulnerability
Solution:
The vendor has released a patch dealing with this issue.
Webroot My Firewall Plus 5.0
Solution:
The vendor has released a patch dealing with this issue.
Webroot My Firewall Plus 5.0
-
Webroot Software mfp_patch.exe
http://www.webroot.com/services/mfp_patch.exe
References
Webroot My Firewall Local Insecure File Creation Vulnerability
References:
References:
- My Firewall Plus Product Page (Webroot Software)
- Security Alert - March 16, 2005 My Firewall (Webroot Software)