// For flags

CVE-2006-4657

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.

Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 almacena executables del servicio bajo el directorio de instalación del producto con permisos débiles, que permiten a usuarios locales obtener los privilegios de LocalSystem modificando (1) WebProxy.exe o (2) PAVSRV51.EXE.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-09-08 CVE Reserved
  • 2006-09-09 CVE Published
  • 2024-02-01 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Panda
Search vendor "Panda"
 Panda Platinum Internet Security
Search vendor "Panda" for product "Panda Platinum Internet Security"
 2006_10.02.01
Search vendor "Panda" for product "Panda Platinum Internet Security" and version "2006_10.02.01"
-
Affected
Panda
Search vendor "Panda"
 Panda Platinum Internet Security
Search vendor "Panda" for product "Panda Platinum Internet Security"
 2007_11.00.00
Search vendor "Panda" for product "Panda Platinum Internet Security" and version "2007_11.00.00"
-
Affected