CVE-2006-4659

Name of the Vulnerable Software and Affected Versions Panda Platinum Internet Security versions 10.02.01 through 11.00.00

Description The issue allows remote attackers to cause arbitrary messages to be classified as spam via a web page that contains IMG tags with predictable URLs. This could also be regarded as a cross-site request forgery (CSRF) vulnerability, where an attacker can trick the system into performing unintended actions.

Recommendations For versions 10.02.01 through 11.00.00, consider restricting access to the spam classification feature until a patch is available. As a temporary workaround, avoid using the predictable URLs in IMG tags to minimize the risk of exploitation.