CVE-2007-5254
https://notcve.org/view.php?id=CVE-2007-5254
VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe. VirusBlokAda Vba32 AntiVirus 3.12.2 utiliza permisos débiles (Everyone:Write) para sus directorios de instalación, lo cual permite a usuarios locales ganar privilegios a través del remplazamiento de programas de aplicaicón, como se demostró remplazando vba32ldr.exe. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066313.html http://osvdb.org/37991 http://secunia.com/advisories/27094 http://www.anti-virus.by/en http://www.securityfocus.com/bid/25930 • CWE-264: Permissions, Privileges, and Access Controls •