CVE-2004-1624

high

Description

Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe).

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17838

http://www.securityfocus.com/bid/11500

http://secunia.com/advisories/12962

http://marc.info/?l=bugtraq&m=109846296406459&w=2

Details

Source: Mitre, NVD

Published: 2004-10-21

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00047