CVE-2004-2329

Published: Dec 31, 2004Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box.

Affected (1)

Products: Kerio: Personal Firewall

Kerio

1 product

Personal Firewall

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kerio Personal Firewall	Version 2.1.5

References (14)

http://secunia.com/advisories/10746/

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/3748

Source: cve@mitre.org

http://www.securityfocus.com/bid/9525

Source: cve@mitre.org

http://www.securitytracker.com/alerts/2004/Jan/1008870.html

Source: cve@mitre.org

Exploit

http://www.tuneld.com/_images/other/kpf_system_privileges.png

Source: cve@mitre.org

http://www.tuneld.com/news/?id=30

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/14981

Source: cve@mitre.org

http://secunia.com/advisories/10746/