ID |
CVE-2006-4657
|
Summary |
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.2 (as of 17-10-2018 - 21:38) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | 19891 | bugtraq | - 20060907 SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities
- 20060913 Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities
| misc | http://www.security.nnov.ru/advisories/pandais.asp | secunia | 21769 | sreason | 1524 | vupen | ADV-2006-3514 |
|
Last major update |
17-10-2018 - 21:38 |
Published |
09-09-2006 - 00:04 |
Last modified |
17-10-2018 - 21:38 |