CVE-2006-2154

CVE-2006-2154

EPSS 0.4%

EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324 http://secunia.com/advisories/19850 https://exchange.xforce.ibmcloud.com/vulnerabilities/26226 http://www.securityfocus.com/bid/17798 http://www.vupen.com/english/advisories/2006/1612