Lucene search

[email protected]CVE-2006-4657

HistorySep 09, 2006 - 12:04 a.m.

CVE-2006-4657

2006-09-0900:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4657

panda platinum

internet security

local privilege escalation

weak permissions

nvd

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product’s installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.

CPENameOperatorVersion
panda:panda_platinum_internet_securitypanda panda platinum internet securityeq2006_10.02.01
panda:panda_platinum_internet_securitypanda panda platinum internet securityeq2007_11.00.00

CPE	Name	Operator	Version
panda:panda_platinum_internet_security	panda panda platinum internet security	eq	2006_10.02.01
panda:panda_platinum_internet_security	panda panda platinum internet security	eq	2007_11.00.00

References

secunia.com/advisories/21769

securityreason.com/securityalert/1524

www.security.nnov.ru/advisories/pandais.asp

www.securityfocus.com/archive/1/445479/100/0/threaded

www.securityfocus.com/archive/1/445889/100/0/threaded

www.securityfocus.com/bid/19891

www.vupen.com/english/advisories/2006/3514

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Related for CVE-2006-4657

prion1 cve1