CVE-2005-4590 : Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media conta

Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL specifying a .exe file.

Published 2005-12-30 11:03:00

Updated 2018-10-19 15:41:26

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2005-4590

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-4590

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-4590

Products affected by CVE-2005-4590

SPB » Kiosk Engine » Version: 1.0.0.1
cpe:2.3:a:spb:kiosk_engine:1.0.0.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-4590

Exploit prediction scoring system (EPSS) score for CVE-2005-4590

CVSS scores for CVE-2005-4590

References for CVE-2005-4590

Products affected by CVE-2005-4590