Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: Full Control) for the %COMMONPROGRAMFILES%\Quest Shared directory, which allows local users to gain privileges via a Trojan horse file.
References
Configurations
Information
Published : 2012-05-01 16:55
Updated : 2017-08-28 18:30
NVD link : CVE-2012-0279
Mitre link : CVE-2012-0279
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
quest
- toad_for_data_analysts