Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for panda_internet_security by pandasecurity

    CVE-2019-12042 (GCVE-0-2019-12042)

    Vulnerability from nvd – Published: 2019-05-23 13:30 – Updated: 2024-08-04 23:10
    VLAI
    Summary
    Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2019-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:10:30.186Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure permissions of the section object Global\\PandaDevicesAgentSharedMemory and the event Global\\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-23T13:30:44.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12042",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure permissions of the section object Global\\PandaDevicesAgentSharedMemory and the event Global\\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/SouhailHammou/Panda-Antivirus-LPE",
                  "refsource": "MISC",
                  "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
                },
                {
                  "name": "https://www.pandasecurity.com/usa/support/card?id=100063",
                  "refsource": "CONFIRM",
                  "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
                },
                {
                  "name": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html",
                  "refsource": "MISC",
                  "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12042",
        "datePublished": "2019-05-23T13:30:44.000Z",
        "dateReserved": "2019-05-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:10:30.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4215 (GCVE-0-2009-4215)

    Vulnerability from nvd – Published: 2009-12-07 17:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1023121 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/37373 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.pandasecurity.com/homeusers/support/ca… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2009/3126 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/507811/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-11-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:09.983Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1023121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1023121"
              },
              {
                "name": "37373",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37373"
              },
              {
                "name": "panda-directory-privilege-escalation(54268)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
              },
              {
                "name": "ADV-2009-3126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/3126"
              },
              {
                "name": "20091111 Panda Security Software Local Privilege Escalation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1023121",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1023121"
            },
            {
              "name": "37373",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37373"
            },
            {
              "name": "panda-directory-privilege-escalation(54268)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
            },
            {
              "name": "ADV-2009-3126",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3126"
            },
            {
              "name": "20091111 Panda Security Software Local Privilege Escalation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4215",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1023121",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1023121"
                },
                {
                  "name": "37373",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37373"
                },
                {
                  "name": "panda-directory-privilege-escalation(54268)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
                },
                {
                  "name": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2",
                  "refsource": "CONFIRM",
                  "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
                },
                {
                  "name": "ADV-2009-3126",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/3126"
                },
                {
                  "name": "20091111 Panda Security Software Local Privilege Escalation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4215",
        "datePublished": "2009-12-07T17:00:00.000Z",
        "dateReserved": "2009-12-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:09.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12042 (GCVE-0-2019-12042)

    Vulnerability from cvelistv5 – Published: 2019-05-23 13:30 – Updated: 2024-08-04 23:10
    VLAI
    Summary
    Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2019-05-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:10:30.186Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure permissions of the section object Global\\PandaDevicesAgentSharedMemory and the event Global\\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-23T13:30:44.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12042",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure permissions of the section object Global\\PandaDevicesAgentSharedMemory and the event Global\\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. This affects Panda Antivirus, Panda Antivirus Pro, Panda Dome, Panda Global Protection, Panda Gold Protection, and Panda Internet Security."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/SouhailHammou/Panda-Antivirus-LPE",
                  "refsource": "MISC",
                  "url": "https://github.com/SouhailHammou/Panda-Antivirus-LPE"
                },
                {
                  "name": "https://www.pandasecurity.com/usa/support/card?id=100063",
                  "refsource": "CONFIRM",
                  "url": "https://www.pandasecurity.com/usa/support/card?id=100063"
                },
                {
                  "name": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html",
                  "refsource": "MISC",
                  "url": "https://rce4fun.blogspot.com/2019/05/panda-antivirus-local-privilege.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12042",
        "datePublished": "2019-05-23T13:30:44.000Z",
        "dateReserved": "2019-05-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:10:30.186Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4215 (GCVE-0-2009-4215)

    Vulnerability from cvelistv5 – Published: 2009-12-07 17:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1023121 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/37373 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.pandasecurity.com/homeusers/support/ca… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2009/3126 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/507811/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-11-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:09.983Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1023121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1023121"
              },
              {
                "name": "37373",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37373"
              },
              {
                "name": "panda-directory-privilege-escalation(54268)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
              },
              {
                "name": "ADV-2009-3126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/3126"
              },
              {
                "name": "20091111 Panda Security Software Local Privilege Escalation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1023121",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1023121"
            },
            {
              "name": "37373",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37373"
            },
            {
              "name": "panda-directory-privilege-escalation(54268)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
            },
            {
              "name": "ADV-2009-3126",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3126"
            },
            {
              "name": "20091111 Panda Security Software Local Privilege Escalation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4215",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1023121",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1023121"
                },
                {
                  "name": "37373",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37373"
                },
                {
                  "name": "panda-directory-privilege-escalation(54268)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54268"
                },
                {
                  "name": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2",
                  "refsource": "CONFIRM",
                  "url": "http://www.pandasecurity.com/homeusers/support/card?id=80164\u0026idIdioma=2"
                },
                {
                  "name": "ADV-2009-3126",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/3126"
                },
                {
                  "name": "20091111 Panda Security Software Local Privilege Escalation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507811/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4215",
        "datePublished": "2009-12-07T17:00:00.000Z",
        "dateReserved": "2009-12-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:09.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }