Vulnerabilities > CVE-2007-4191 - Local Privilege Escalation vulnerability in Panda Antivirus 2008
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE local
panda
Summary
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/26336
- http://securityreason.com/securityalert/2968
- http://www.pandasecurity.com/homeusers/support/card?id=41111&idIdioma=2&ref=PAV08Dev
- http://www.securityfocus.com/archive/1/475373/100/0/threaded
- http://www.securityfocus.com/archive/1/480022/100/100/threaded
- http://www.securityfocus.com/archive/1/480443/100/100/threaded
- http://www.securityfocus.com/bid/25186
- http://www.securitytracker.com/id?1018722
- http://www.vupen.com/english/advisories/2007/2784
- https://tiifp.org/tarkus/advisories/panda030707.txt