CVE-2013-3496

EUVD-2013-3431
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
infotecsvipnet_client
𝑥
≤ 3.2.10
infotecsvipnet_coordinator
𝑥
≤ 3.2.10
infotecsvipnet_personal_firewall
𝑥
≤ 3.1
infotecsvipnet_safedisk
𝑥
≤ 4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-05/0072.html
http://archives.neohapsis.com/archives/bugtraq/2013-05/0072.html