CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-3943 – Panda Endpoint Administration Agent < 7.50.00 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-3943
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module. Desbordamiento de buffer en la función AStreamPeekStream en input/stream.c en VideoLAN VLC media player en versiones anteriores a 2.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo wav manipulado, relacionado con "buscar a través de EOF". • https://www.exploit-db.com/exploits/39671 http://packetstormsecurity.com/files/136606/Panda-Endpoint-Administration-Agent-Privilege-Escalation.html http://seclists.org/fulldisclosure/2016/Apr/24 • CWE-276: Incorrect Default Permissions •