ID CVE-2015-7378
Summary Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.
References
Vulnerable Configurations
  • cpe:2.3:a:pandasecurity:panda_security_url_filtering:*:*:*:*:*:*:*:*
    cpe:2.3:a:pandasecurity:panda_security_url_filtering:*:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 18-05-2016 - 21:25)
Impact:
Exploitability:
CWE CWE-254
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
exploit-db 39670
fulldisc 20160406 Panda Security 2016 Home User Products - Privilege Escalation
misc http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html
Last major update 18-05-2016 - 21:25
Published 18-04-2016 - 15:59
Back to Top