CVE-2006-6308

{"id": "CVE-2006-6308", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-06T20:28:00.000", "references": [{"url": "http://securitytracker.com/id?1017332", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/453481/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/453551/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/453569/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/453587/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/453653/100/0/threaded", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30728", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1017332", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/453481/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/453551/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/453569/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/453587/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/453653/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30728", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Symantec LiveState 7.1 Agent for Windows allows local users to gain privileges by stopping the shstart.exe process and open \"Web Self-Service\" from the system tray icon, which will open a browser window running with elevated privileges. NOTE: several third-party researchers have noted that administrator privileges may be necessary to terminate shstart.exe. If this is the case, then no privilege escalation occurs, and this is not a vulnerability"}, {"lang": "es", "value": "** IMPUGNADA ** Symantec LiveState 7.1 Agent para Windows permite a usuarios locales obtener privilegios parando el proceso shstart.exe y abriendo \"Web Self-Service\" de la barra de iconos del sistema, lo cual abrir\u00e1 una ventana de navegaci\u00f3n ejecut\u00e1ndose con privilegios elevados. NOTA: varios investigadores de terceras partes han observado que podr\u00edan ser necesarios privilegios de administrador para terminar el proceso shstart.exe. Si este fuera el caso, entonces no ocurrir\u00eda la escalada de privilegios, y eso no es una vulnerabilidad."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:livestate_agent_for_windows:7.1:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0898446C-95D1-40C3-8B88-50A496BB5214"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}