VAR-200607-0237
Vulnerability from variot - Updated: 2025-04-03 22:41Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall. Lavasoft Personal Firewall will allow local attackers to gain elevated privileges, which may lead to a complete compromise. Version 1.0.543.5722 (433) is reported vulnerable. Other versions may be affected as well. Reports indicate that this issue may be related to BID 19024.
Hardcore Disassembler / Reverse Engineer Wanted!
Want to work with IDA and BinDiff? Want to write PoC's and Exploits?
Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.
The vulnerability is caused due to the application windows running with SYSTEM privileges and the application not checking if explorer.exe is running. This can be exploited to launch explorer.exe with SYSTEM privileges by terminating it and then using the "open folder" option in e.g. the "Shared Components" window.
SOLUTION: Enable password protection.
PROVIDED AND/OR DISCOVERED BY: Ben Goulding
ORIGINAL ADVISORY: http://www.ben.goulding.com.au/secad.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client firewall",
"scope": "eq",
"trust": 2.7,
"vendor": "novell",
"version": "2.0"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "agnitum",
"version": "3.51.759.6511"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "lavasoft",
"version": "1.0.543.5722.433"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "agnitum",
"version": "pro 3.51.759.6511 (462)"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "lavasoft",
"version": "1.0.543.5722 (433)"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.7"
},
{
"model": "outpost firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "agnitum",
"version": "3.51.759.6511(462)"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "lavasoft",
"version": "1.0.543.5722(433)"
}
],
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:agnitum:outpost_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:lavasoft:lavasoft_personal_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:novell:client_firewall",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mullware@gmail.com discovered this issue.",
"sources": [
{
"db": "BID",
"id": "19018"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
],
"trust": 0.9
},
"cve": "CVE-2006-3697",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2006-3697",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-19805",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-3697",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2006-3697",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-289",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-19805",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall. Lavasoft Personal Firewall will allow local attackers to gain elevated privileges, which may lead to a complete compromise. \nVersion 1.0.543.5722 (433) is reported vulnerable. Other versions may be affected as well. \nReports indicate that this issue may be related to BID 19024. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nThe vulnerability is caused due to the application windows running\nwith SYSTEM privileges and the application not checking if\nexplorer.exe is running. This can be exploited to launch explorer.exe\nwith SYSTEM privileges by terminating it and then using the \"open\nfolder\" option in e.g. the \"Shared Components\" window. \n\nSOLUTION:\nEnable password protection. \n\nPROVIDED AND/OR DISCOVERED BY:\nBen Goulding\n\nORIGINAL ADVISORY:\nhttp://www.ben.goulding.com.au/secad.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3697"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3697",
"trust": 3.1
},
{
"db": "BID",
"id": "19024",
"trust": 2.0
},
{
"db": "BID",
"id": "19018",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "21089",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "21088",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-0144",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2852",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2851",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "27349",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060716 ESCALATION OF PRIVILEGES IN OUTPOST AND LAVASOFT FIREWALLS -UNUSUAL SHELLEXECUTE BEHAVIOR",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-19805",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48308",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48302",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"id": "VAR-200607-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:41:45.404000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.lavasoft.com/products/lavasoft_personal_firewall.php"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.novell.com/support/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.ben.goulding.com.au/secad.html"
},
{
"trust": 2.0,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/903/3762108_f.sal_public.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19018"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19024"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/27349"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21088"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21089"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2851"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2852"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0144"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3697"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3697"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/440426/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0144"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2852"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2851"
},
{
"trust": 0.3,
"url": "http://www.agnitum.com/products/outpost/"
},
{
"trust": 0.3,
"url": "http://seclists.org/lists/fulldisclosure/2006/jul/0481.html"
},
{
"trust": 0.3,
"url": "http://www.lavasoftusa.com/software/firewall/"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7908/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21089/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21088/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11075/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19805"
},
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-19805"
},
{
"date": "2006-07-17T00:00:00",
"db": "BID",
"id": "19024"
},
{
"date": "2006-07-17T00:00:00",
"db": "BID",
"id": "19018"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"date": "2006-07-18T20:56:43",
"db": "PACKETSTORM",
"id": "48308"
},
{
"date": "2006-07-18T20:56:43",
"db": "PACKETSTORM",
"id": "48302"
},
{
"date": "2006-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"date": "2006-07-21T14:03:00",
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-19805"
},
{
"date": "2007-01-11T17:50:00",
"db": "BID",
"id": "19024"
},
{
"date": "2007-01-11T18:10:00",
"db": "BID",
"id": "19018"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002819"
},
{
"date": "2007-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-289"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-3697"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
},
{
"db": "PACKETSTORM",
"id": "48308"
},
{
"db": "PACKETSTORM",
"id": "48302"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-289"
}
],
"trust": 1.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lavasoft Personal Firewall Used in products such as Agnitum Outpost Firewall Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19024"
},
{
"db": "BID",
"id": "19018"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…