CVE-2006-1125
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/03/2006
Last modified:
03/04/2025
Description
Grisoft AVG Free 7.1, and other versions including 7.0.308, sets Everyone/Full Control permissions for certain update files including (1) upd_vers.cfg, (2) incavi.avm, and (3) unspecified drivers, which might allow local users to gain privileges.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:grisoft:avg_antivirus:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:grisoft:avg_antivirus:7.0.251:*:*:*:*:*:*:* | ||
| cpe:2.3:a:grisoft:avg_antivirus:7.0.323:*:*:*:*:*:*:* | ||
| cpe:2.3:a:grisoft:avg_antivirus:7.1.308:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0631.html
- http://secunia.com/advisories/19118
- http://securitytracker.com/id?1015728=
- http://www.dslreports.com/forum/remark%2C15601404
- http://www.securityfocus.com/bid/16952
- http://www.vupen.com/english/advisories/2006/0845
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25139
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0631.html
- http://secunia.com/advisories/19118
- http://securitytracker.com/id?1015728=
- http://www.dslreports.com/forum/remark%2C15601404
- http://www.securityfocus.com/bid/16952
- http://www.vupen.com/english/advisories/2006/0845
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25139