Executive Summary

Informations
NameCVE-2019-8455First vendor Publication2019-04-17
VendorCveLast vendor Modification2019-05-03

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:N)
Cvss Base Score3.6Attack RangeLocal
Cvss Impact Score4.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8455

CWE : Common Weakness Enumeration

%idName
100 %CWE-275Permission Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108029
MISC https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2019-05-04 05:19:19
  • Multiple Updates
2019-04-28 00:19:29
  • Multiple Updates
2019-04-23 21:19:22
  • Multiple Updates
2019-04-22 21:19:23
  • Multiple Updates
2019-04-17 21:19:25
  • First insertion