CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2014-5307
https://notcve.org/view.php?id=CVE-2014-5307
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call. Desbordamiento de buffer basado en memoria dinámica en el controlador del modo de kernel PavTPK.sys de los productos Panda Security 2014 anterior a hft131306s24_r1 permite a usuarios locales ganar privilegios a través de un argumento manipulado en una llamada IOCTL 0x222008. • http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html http://seclists.org/fulldisclosure/2014/Aug/53 http://www.securityfocus.com/archive/1/533182/100/0/threaded http://www.securityfocus.com/bid/69293 https://exchange.xforce.ibmcloud.com/vulnerabilities/95382 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2014-3450
https://notcve.org/view.php?id=CVE-2014-3450
Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors. Vulnerabilidad no especificada en Panda Gold Protection y Global Protection 2014 7.01.01 y anteriores, Internet Security 2014 19.01.01 y anteriores y AV Pro 2014 13.01.01 y anteriores permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://seclists.org/fulldisclosure/2014/May/89 http://www.securityfocus.com/archive/1/532163/100/0/threaded http://www.securityfocus.com/bid/67527 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2009-4215
https://notcve.org/view.php?id=CVE-2009-4215
Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs. Panda Global Protection 2010, Internet Security 2010, y Antivirus Pro 2010 usa permisos débiles (Todos: Control Total ) para los archivos product, lo que permite a usuarios locales obtener privilegios por reemplazamiento de ejecutables con programas troyanos. • http://secunia.com/advisories/37373 http://www.pandasecurity.com/homeusers/support/card?id=80164&idIdioma=2 http://www.securityfocus.com/archive/1/507811/100/0/threaded http://www.securitytracker.com/id?1023121 http://www.vupen.com/english/advisories/2009/3126 https://exchange.xforce.ibmcloud.com/vulnerabilities/54268 • CWE-264: Permissions, Privileges, and Access Controls •