PT-2009-5126 · Avira+1 · Avira Antivir+4

Published

2009-08-13

Updated

2017-08-17

CVE-2009-2761

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional (affected versions not specified)

Description The issue is related to an unquoted Windows search path vulnerability in the scheduler (sched.exe) that might allow local users to gain privileges. This could be achieved via a malicious antivir.exe file placed in the "C:Program Filesavira" directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2761

Affected Products

Antivir Premium

Antivir Professional

Avira Antivir

Premium Security Suite

Windows

PT-2009-5126 · Avira+1 · Avira Antivir+4

CVE-2009-2761

Related Identifiers

Affected Products

References · 6