Vulnerability Description
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Panda | Panda Platinum Internet Security | 2006_10.02.01 |
References
- http://secunia.com/advisories/21769Vendor Advisory
- http://securityreason.com/securityalert/1524
- http://www.security.nnov.ru/advisories/pandais.aspVendor Advisory
- http://www.securityfocus.com/archive/1/445479/100/0/threaded
- http://www.securityfocus.com/archive/1/445889/100/0/threaded
- http://www.securityfocus.com/bid/19891
- http://www.vupen.com/english/advisories/2006/3514
- http://secunia.com/advisories/21769Vendor Advisory
- http://securityreason.com/securityalert/1524
- http://www.security.nnov.ru/advisories/pandais.aspVendor Advisory
- http://www.securityfocus.com/archive/1/445479/100/0/threaded
- http://www.securityfocus.com/archive/1/445889/100/0/threaded
- http://www.securityfocus.com/bid/19891
- http://www.vupen.com/english/advisories/2006/3514
FAQ
What is CVE-2006-4657?
CVE-2006-4657 is a vulnerability with a CVSS score of 7.2 (HIGH). Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSy...
How severe is CVE-2006-4657?
CVE-2006-4657 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4657?
Check the references section above for vendor advisories and patch information. Affected products include: Panda Panda Platinum Internet Security.