RSS   Vulnerabilities for
'Panda platinum internet security'
   RSS

2006-09-08
 
CVE-2006-4659

CWE-Other
 

 
The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses predictable URLs for the spam classification of each message, which allows remote attackers to cause Panda to classify arbitrary messages as spam via a web page that contains IMG tags with the predictable URLs. NOTE: this issue could also be regarded as a cross-site request forgery (CSRF) vulnerability.

 
 
CVE-2006-4658

CWE-Other
 

 
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote attackers to determine mail usage patterns.

 
 
CVE-2006-4657

CWE-Other
 

 
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE.

 

 >>> Vendor: Panda 28 Products
Panda security
Panda antivirus
Panda antivirus platinum
Activescan
Titanium 2005
Panda activescan
Panda businessecure antivirus
Panda clientshield with truprevent technologies
Panda enterprisecure with truprevent technologies
Panda exchangesecure
Panda filesecure
Panda filesecure with truprevent technologies
Panda gatedefender
Panda isa secure
Panda panda enterprisecure antivirus
Panda platinum 2006 internet security
Panda titanium
Panda titanium 2005 antivirus
Panda titanium 2006 antivirus + antispyware
Panda truprevent personal
Panda webadmin
Panda platinum internet security
Panda platinum 2007 internet security
Panda antivirus and firewall
Adminsecure
Panda internet security
Panda security url filtering
Panda endpoint administration agent


Copyright 2024, cxsecurity.com

 

Back to Top