CVE-2009-2429

medium

Trellix

CVSS v3 Base Score

4.6

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS Score

0.0%

Exploitation probability in 30 days

Top 87% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: July 10, 2009 (6152 days ago)

Last Modified: April 23, 2026

Vendor: Trellix

Source: NVD

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in admin_backup.xml files and uses insecure permissions for these files, which allows local users to gain privileges. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE

CWE-255

Affected Products

mcafee smartfilter

References

🔗 archives.neohapsis.com 🔗 secunia.com 🔗 exchange.xforce.ibmcloud.com 🔗 archives.neohapsis.com 🔗 secunia.com

CVE-2009-2429

Vulnerability Report

Description

CWE

Affected Products

References