Back to search
CVE-2006-1649
Published: Apr 6, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
24393
vdb-entry
x_refsource_OSVDB
1015867
vdb-entry
x_refsource_SECTRACK
17374
vdb-entry
x_refsource_BID
672
third-party-advisory
x_refsource_SREASON
nod32-restoreto-file-upload(25640)
vdb-entry
x_refsource_XF
ADV-2006-1242
vdb-entry
x_refsource_VUPEN
20060404 NOD32 local privilege escalation vulnerability
mailing-list
x_refsource_BUGTRAQ
19054
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now