Vulnerabilities > CVE-2006-1274 - Local Privilege Escalation vulnerability in Avira Antivir Personal 7

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

avira

NVD

Published: 2006-03-19

Updated: 2018-10-18

Summary

Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports.

Vulnerable Configurations

Part	Description	Count
Application	Avira Avira Antivir Personal * Avira Antivir Personal 7	2

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042868.html
http://secunia.com/advisories/19217
http://securityreason.com/securityalert/573
http://www.osvdb.org/23843
http://www.securityfocus.com/archive/1/427412/100/0/threaded
http://www.securityfocus.com/bid/17071
http://www.vupen.com/english/advisories/2006/0948
https://exchange.xforce.ibmcloud.com/vulnerabilities/25244