CVE-2004-0831
First published: Tue Sep 14 2004(Updated: )
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee VirusScan Plus | =4.5 | |
| McAfee VirusScan Plus | =4.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-0831?
CVE-2004-0831 is considered a medium-severity vulnerability due to the potential for local privilege escalation.
How do I fix CVE-2004-0831?
To fix CVE-2004-0831, update McAfee VirusScan to a version that addresses this vulnerability, such as a later release than 4.5.1.
What are the affected versions in CVE-2004-0831?
CVE-2004-0831 affects McAfee VirusScan versions 4.5 and 4.5.1.
Who can exploit CVE-2004-0831?
CVE-2004-0831 can be exploited by local users who have access to the System Scan properties.
What are the potential impacts of CVE-2004-0831?
The potential impacts of CVE-2004-0831 include unauthorized privilege escalation allowing local users to execute actions with higher system permissions.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/mcafee
- canonical/mcafee virusscan plus
- version/mcafee virusscan plus/4.5
- version/mcafee virusscan plus/4.5.1