[Japanese]

JVNDB-2011-000026

Applications that use the Windows Help function may be vulnerable to privilege escalation

Overview

Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system.

Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system.

This issue may occur in applications or services where the Help function is not called in a secure manner. An example of this is when Anti-virus software or a personal firewall is running on the local system with the privileges of an administrator on the local system, and has an interface to "communicate" with the user.

ISIHARA Takanori reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

Base Metrics: 7.2 (High) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete

Affected Products

For information on Products Affected, please refer to the "Vendor Status" section below.

Symantec Corporation
  • Symantec AntiVirus Edition 9.0 Upgrade to MR3 or later
  • Symantec AntiVirus Corporate Edition 9.0.1 Upgrade to MR3 or later
  • Symantec AntiVirus Corporate Edition 9.0.2 Upgrade to MR3 or later
  • Symantec Client Security 2.0 Upgrade to MR3 or later
  • Symantec Client Security 2.0.1 Upgrade to MR3 or later
  • Symantec Client Security 2.0.2 Upgrade to MR3 or later
  • Symantec Norton AntiVirus Corporate Edition prior to 7.5.1 build 62
  • Symantec Norton AntiVirus Corporate Edition prior to 7.6.1 build 35a

Impact

A user may gain unauthorized access to resources on the system.
Solution

Refer to the "Vendor Status" section below for Solution information on each application.
Vendor Information

Symantec Corporation Microsoft Corporation
CWE (What is CWE?)

  1. Permissions(CWE-264) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2002-1540
  2. CVE-2005-2017
References

  1. JVN : JVN#63898867
  2. National Vulnerability Database (NVD) : CVE-2002-1540
  3. National Vulnerability Database (NVD) : CVE-2005-2017
Revision History

[2011/5/13]
  Web page published