CVE-2006-4657

Name of the Vulnerable Software and Affected Versions Panda Platinum Internet Security versions 10.02.01 and 11.00.00

Description The issue allows local users to obtain LocalSystem privileges by modifying specific service executables due to weak permissions. The executables in question are WebProxy.exe and PAVSRV51.EXE, which are stored under the product's installation directory.

Recommendations For version 10.02.01, consider restricting access to the WebProxy.exe and PAVSRV51.EXE executables until a fix is available. For version 11.00.00, consider restricting access to the WebProxy.exe and PAVSRV51.EXE executables until a fix is available.