CVE-2004-1149 – iDEFENSE Security Advisory 2004-12-15.t

https://notcve.org/view.php?id=CVE-2004-1149

22 Dec 2004 — Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe. Local exploitation of an insecure permission vulnerability in Computer Associates eTrust EZ Antivirus allows attackers to escalate privileges or disable protection. • http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter •