Panda Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability

Panda Antivirus is prone to a local privilege-escalation vulnerability that stems from a design error. This vulnerability occurs because the application assigns insecure file permissions to certain directories upon installation.

An attacker may exploit this vulnerability to overwrite files with arbitrary code in the affected directories. The arbitrary code is then executed with System-level privileges. This may facilitate a complete compromise of affected computers.

Panda Antivirus 2008 is reported vulnerable.

This issue is related to BID 19891: Panda Platinum Internet Security 2006/2007 Local Privilege Escalation Vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus