CVE-2006-4657

Published Sep 9, 2006

Last updated 6 years ago

Overview

Description: Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:panda:panda_platinum_internet_security:2006_10.02.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C229CED-468A-40C3-B444-2E8BBA8335B4"
          },
          {
            "criteria": "cpe:2.3:a:panda:panda_platinum_internet_security:2007_11.00.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746F88AC-995B-4197-B8DB-105C0CCFF49F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References