CVE-2006-2154
First published: Wed May 03 2006(Updated: )
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Dantz Retrospect | <=7.0 | |
| EMC Dantz Retrospect | <=6.5 | |
| EMC Dantz Retrospect | <=7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-2154?
CVE-2006-2154 is considered a high severity vulnerability due to the potential for local users to execute arbitrary code.
How do I fix CVE-2006-2154?
To fix CVE-2006-2154, update EMC Retrospect to version 6.5.382 or later, 7.0.344 or later, or 7.5.1.105 or later.
Who is affected by CVE-2006-2154?
CVE-2006-2154 affects users of EMC Retrospect for Windows versions 6.5 through 7.5 below their respective patched versions.
What type of vulnerability is CVE-2006-2154?
CVE-2006-2154 is a privilege escalation vulnerability allowing local users to execute arbitrary code.
Can CVE-2006-2154 be exploited remotely?
No, CVE-2006-2154 can only be exploited locally, making it a local privilege escalation risk.
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/emc
- canonical/emc dantz retrospect
- version/emc dantz retrospect/7.0
- version/emc dantz retrospect/6.5
- version/emc dantz retrospect/7.5