Summary
This host is running panda Products and is prone to Privilege Escalation Vulnerability.
Impact
Successful exploitation will let the attacker replace the affected binary file with a malicious binary which will be executed with SYSTEM privileges.
Impact level: System.
Solution
Apply the security updates accordingly.
http://www.pandasecurity.com/homeusers/support/card?id=80164&idIdioma=2
Insight
This flaw is due to insecure permissions being set on the 'PavFnSvr.exe' file (Everyone/Full Control) within the installation directory, which could be exploited by malicious users to replace the affected file with a malicious binary which will be executed with SYSTEM privileges.
Affected
Panda AntiVirus Pro 2010 version 9.01.00 and prior.
Panda Internet Security 2010 version 15.01.00 and prior.
Panda Global Protection 2010 version 3.01.00 and prior.
References
Severity
Classification
-
CVE CVE-2009-4215 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities