CVE-2004-1149

high

Description

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18502

http://www.idefense.com/application/poi/display?id=164

http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter

Details

Source: Mitre, NVD

Published: 2005-01-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00046