The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| visnetic | visnetic_antivirus_plug-in_for_mail_server | 4.6.0.4 |
| visnetic | visnetic_antivirus_plug-in_for_mail_server | 4.6.1.1 |