200711.00.00

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

panda

NVD

Published: 2006-09-09

Updated: 2018-10-17

Summary

Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.

Vulnerable Configurations

Part	Description	Count
Application	Panda Panda Panda Platinum Internet Security 2006_10.02.01 Panda Panda Platinum Internet Security 2007_11.00.00	2

References

http://www.security.nnov.ru/advisories/pandais.asp
http://www.securityfocus.com/bid/19891
http://secunia.com/advisories/21769
http://securityreason.com/securityalert/1524
http://www.vupen.com/english/advisories/2006/3514
http://www.securityfocus.com/archive/1/445889/100/0/threaded
http://www.securityfocus.com/archive/1/445479/100/0/threaded