PT-2006-5443 · Panda · Panda Platinum Internet Security

3Apa3A

Published

2006-09-09

Updated

2018-10-17

CVE-2006-4658

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Panda Platinum Internet Security versions 2006 10.02.01 and 2007 11.00.00

Description The issue allows remote attackers to determine mail usage patterns due to the use of sequential message numbers in generated URLs. This occurs when a user replies to a message and the sequential message numbers are not filtered.

Recommendations For Panda Platinum Internet Security 2006 10.02.01, consider disabling the feature that generates URLs with sequential message numbers until a fix is available. For Panda Platinum Internet Security 2007 11.00.00, restrict access to the mail usage patterns to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4658

Affected Products

Panda Platinum Internet Security

PT-2006-5443 · Panda · Panda Platinum Internet Security

CVE-2006-4658

Related Identifiers

Affected Products

References · 6