CVE-2004-2504 - Stinging Strip

Description

The GUI in Alt-N Technologies MDaemon 7.2 and earlier including 6.8 executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files which allows local users with physical access to gain privileges.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-11/0385.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html http://www.securityfocus.com/bid/11736 http://www.osvdb.org/12158 http://securitytracker.com/id?1012350 http://secunia.com/advisories/13225 https://exchange.xforce.ibmcloud.com/vulnerabilities/18287