CVE-2009-2312

medium

Trellix

CVSS v3 Base Score

4.6

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS Score

0.0%

Exploitation probability in 30 days

Top 87% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: July 2, 2009 (6160 days ago)

Last Modified: April 23, 2026

Vendor: Trellix

Source: NVD

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

CWE

CWE-310

Affected Products

mcafee smartfilter

References

🔗 archives.neohapsis.com 🔗 secunia.com 🔗 exchange.xforce.ibmcloud.com 🔗 archives.neohapsis.com 🔗 secunia.com

CVE-2009-2312

Vulnerability Report

Description

CWE

Affected Products

References