Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4590

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-4590
Last Modified 05 Sep 2008 04:57:16
Published 30 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4590

Summary

Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL specifying a .exe file.

Vulnerable Systems

Application

  • Spb Kiosk Engine 1.0.0.1


References

BUGTRAQ - 20051228 Airscanner Mobile Security Advisory #05083102 Spb Kiosk Engine Program Bypass

MISC - http://www.airscanner.com/security/05083102_kioskremove.htm

SECUNIA - 18243

XF - spdkioskengine-app-security-bypass(23905)


Last Updated: 27 May 2016 10:41:22