CVE-2006-3786 Information

Description

Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files which allows local users to generate a custom .cif file and modify the superuser flag.

Reference

http://securityreason.com/securityalert/1261 http://securitytracker.com/id?1016534 http://www.digitalbullets.org/?p=3 http://www.securityfocus.com/archive/1/440448/100/0/threaded