CVE-2009-4215
Published Dec 7, 2009
Last updated 6 years ago
Overview
- Description
- Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC3161FD-F631-405A-BE3A-0B78D5DCD7B2"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:64-bit:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C38B6FA8-58B3-4037-A4EE-B496F1657CAE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:32-bit:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ED232169-696C-4613-A803-28101AB43A49"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:2010:*:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B907640D-8144-4D89-88F2-B4AF1735BDDE"
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_global_protection:2010:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7B2D903-A66F-4679-9DBA-1354A5917462"
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_internet_security:2010:*:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1381C07F-3956-450A-8C87-58297DA942DA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]