CVE - CVE-2006-1649

CVE-ID
CVE-2006-1649	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:17374 URL:http://www.securityfocus.com/bid/17374 BUGTRAQ:20060404 NOD32 local privilege escalation vulnerability URL:http://www.securityfocus.com/archive/1/429892/100/0/threaded OSVDB:24393 URL:~~http://www.osvdb.org/24393~~ (Obsolete source) SECTRACK:1015867 URL:http://securitytracker.com/id?1015867 SECUNIA:19054 URL:http://secunia.com/advisories/19054 SREASON:672 URL:http://securityreason.com/securityalert/672 VUPEN:ADV-2006-1242 URL:~~http://www.vupen.com/english/advisories/2006/1242~~ (Obsolete source) XF:nod32-restoreto-file-upload(25640) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25640
Assigning CNA
MITRE Corporation
Date Record Created
20060406	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060406)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)