Code injection

2010-01-0421:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security 2009 10.00 SP1 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs, as demonstrated by replacing quhlpsvc.exe.

CPENameOperatorVersion
antivirus_plus_2009eq10.0 sp1
total_security_2009eq10.0 sp1

CPE	Name	Operator	Version
	antivirus_plus_2009	eq	10.0 sp1
	total_security_2009	eq	10.0 sp1

References

secunia.com/advisories/37033

www.securityfocus.com/archive/1/507121/100/0/threaded

www.securityfocus.com/bid/36662

exchange.xforce.ibmcloud.com/vulnerabilities/53746