PT-2006-5442 · Panda · Panda Platinum Internet Security

3Apa3A

Published

2006-09-09

Updated

2018-10-17

CVE-2006-4657

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Panda Platinum Internet Security versions 10.02.01 and 11.00.00

Description The issue allows local users to obtain LocalSystem privileges by modifying specific service executables due to weak permissions. The executables in question are WebProxy.exe and PAVSRV51.EXE, which are stored under the product's installation directory.

Recommendations For version 10.02.01, consider restricting access to the WebProxy.exe and PAVSRV51.EXE executables until a fix is available. For version 11.00.00, consider restricting access to the WebProxy.exe and PAVSRV51.EXE executables until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4657

Affected Products

Panda Platinum Internet Security

PT-2006-5442 · Panda · Panda Platinum Internet Security

CVE-2006-4657

Related Identifiers

Affected Products

References · 8