ID CVE-2015-7378
Summary Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.
References
Vulnerable Configurations
  • cpe:2.3:a:pandasecurity:panda_security_url_filtering:4.3.1.8
    cpe:2.3:a:pandasecurity:panda_security_url_filtering:4.3.1.8
CVSS
Base: 7.2 (as of 18-05-2016 - 13:18)
Impact:
Exploitability:
CWE CWE-254
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description Panda Security URL Filtering - Privilege Escalation. CVE-2015-7378. Local exploit for windows platform
file exploits/windows/local/39670.txt
id EDB-ID:39670
last seen 2016-04-06
modified 2016-04-06
platform windows
port
published 2016-04-06
reporter Kyriakos Economou
source https://www.exploit-db.com/download/39670/
title Panda Security URL Filtering < 4.3.1.9 - Privilege Escalation
type local
refmap via4
exploit-db 39670
fulldisc 20160406 Panda Security 2016 Home User Products - Privilege Escalation
misc http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html
Last major update 18-05-2016 - 17:25
Published 18-04-2016 - 11:59
Back to Top