CVE-2007-5254 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-5254

CWE

https://cwe.mitre.org/data/definitions/264.html

VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe.

Affected Software

Name	Vendor	Start Version	End Version
Vba32_antivirus	Virusblokada	3.12.2 (including)	3.12.2 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066313.html
http://osvdb.org/37991
http://secunia.com/advisories/27094
http://www.anti-virus.by/en/
http://www.securityfocus.com/bid/25930