Vulnerabilities > Panda > Panda Platinum Internet Security

DATE CVE VULNERABILITY TITLE RISK
2006-09-09 CVE-2006-4659 Local Privilege Escalation vulnerability in Panda Platinum Internet Security 200610.02.01/200711.00.00
The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses predictable URLs for the spam classification of each message, which allows remote attackers to cause Panda to classify arbitrary messages as spam via a web page that contains IMG tags with the predictable URLs.
network
low complexity
panda
5.0
2006-09-09 CVE-2006-4658 Local Privilege Escalation vulnerability in Panda Platinum Internet Security 200610.02.01/200711.00.00
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote attackers to determine mail usage patterns.
network
low complexity
panda
5.0
2006-09-09 CVE-2006-4657 Local Privilege Escalation vulnerability in Panda Platinum Internet Security 200610.02.01/200711.00.00
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.
local
low complexity
panda
7.2