Vulnerabilities > CVE-2006-4657 - Local Privilege Escalation vulnerability in Panda Platinum Internet Security 200610.02.01/200711.00.00
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- http://secunia.com/advisories/21769
- http://securityreason.com/securityalert/1524
- http://www.security.nnov.ru/advisories/pandais.asp
- http://www.securityfocus.com/archive/1/445479/100/0/threaded
- http://www.securityfocus.com/archive/1/445889/100/0/threaded
- http://www.securityfocus.com/bid/19891
- http://www.vupen.com/english/advisories/2006/3514