Local Privilege Escalation in AntiVir PersonalEdition Classic by Avira
CVE-2006-1274

Currently unrated

Key Information:

Vendor: Avira
Status: Antivir Personal
Vendor: CVE Published:; 19 March 2006

What is CVE-2006-1274?

The Classic Planer in AntiVir PersonalEdition Classic 7 is susceptible to a local privilege escalation flaw. It does not adequately drop privileges before executing external programs, notably notepad.exe, which is utilized for displaying scan reports. This oversight allows local users to potentially gain elevated privileges, compromising the security integrity of the system.

References

http://www.securityfocus.com/archive/1/427412/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2006/0948

vdb-entryx_refsource_VUPEN

http://lists.grok.org.uk/pipermail/full-disclosure/2006-M...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Mar 19, 2006
Vulnerability Reserved
Mar 18, 2006