CVE-2006-4619

Name of the Vulnerable Software and Affected Versions Avira AntiVir PersonalEdition Classic version 7.0 build 151

Description The issue allows local users to gain system privileges via a "Shatter" style attack. This can be achieved by exploiting the IParam parameter, and the PBM GETRANGE and PBM SETRANGE messages in an unspecified progress bar.

Recommendations For Avira AntiVir PersonalEdition Classic version 7.0 build 151, consider restricting access to the update.exe until a patch is available. As a temporary workaround, avoid using the IParam parameter in the affected update.exe to minimize the risk of exploitation. Additionally, restrict the use of the PBM GETRANGE and PBM SETRANGE messages in the unspecified progress bar to prevent potential attacks.