RSS   Vulnerabilities for 'Panda global protection'   RSS

2018-03-12
 
CVE-2018-6322

CWE-noinfo
 

 
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group.

 
 
CVE-2018-6321

CWE-428
 

 
Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact.

 
2017-12-14
 
CVE-2017-17684

CWE-119
 

 
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.

 
 
CVE-2017-17683

CWE-119
 

 
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.

 
2009-12-07
 
CVE-2009-4215

CWE-264
 

 
Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs.

 

 >>> Vendor: Pandasecurity 14 Products
Panda antivirus
Panda global protection
Panda internet security
Panda internet security 2010
Panda av pro 2014
Panda global protection 2014
Panda gold protection
Panda internet security 2014
Panda security url filtering
Panda endpoint administration agent
Panda free antivirus
Panda mobile security
Panda adaptive defense 360
Panda devices agent


Copyright 2022, cxsecurity.com

 

Back to Top