CVE-2009-2312

Published: Jul 2, 2009Modified: Apr 23, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

Affected (1)

Products: Mcafee: Smartfilter

Mcafee

1 product

Smartfilter

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Smartfilter	Version 4.2.1.00

Related CWEs

CWE-310

References (6)

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

Source: cve@mitre.org

http://secunia.com/advisories/34390

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49338

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34390

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49338

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.