Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1355

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-1355
Last Modified 07 Mar 2011 09:32:51
Published 21 Mar 2006 09:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1355

Summary

avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.

Vulnerable Systems

Application

  • Alwil Avast Antivirus 4.6.763


References

VUPEN - ADV-2006-1011

MISC - http://www.dslreports.com/forum/remark,15601404~days=9999~start=20

SECUNIA - 19284

CONFIRM - http://forum.avast.com/index.php?topic=19862.0

XF - avast-default-insecure-permissions(25336)

BID - 17158


Last Updated: 27 May 2016 10:42:02