CVE-2005-4069
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
08/12/2005
Last modified:
03/04/2025
Description
SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:sunncomm:mediamax_drm:5.0.21.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/17933
- http://securitytracker.com/id?1015327=
- http://www.eff.org/IP/DRM/Sony-BMG/MediaMaxVulnerabilityReport.pdf
- http://www.eff.org/news/archives/2005_12.php#004234
- http://www.kb.cert.org/vuls/id/928689
- http://www.securityfocus.com/bid/15754
- http://www.vupen.com/english/advisories/2005/2783
- http://secunia.com/advisories/17933
- http://securitytracker.com/id?1015327=
- http://www.eff.org/IP/DRM/Sony-BMG/MediaMaxVulnerabilityReport.pdf
- http://www.eff.org/news/archives/2005_12.php#004234
- http://www.kb.cert.org/vuls/id/928689
- http://www.securityfocus.com/bid/15754
- http://www.vupen.com/english/advisories/2005/2783