CVE Vulnerabilities

CVE-2003-1169

Published: Dec 31, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

Affected Software

Name Vendor Start Version End Version
Nutzungskontrolle Datev 2.1 2.1
Nutzungskontrolle Datev 2.2 2.2

References