Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2761

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2009-2761
Last Modified 14 Aug 2009 12:00:00
Published 13 Aug 2009 12:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-2761

Summary

Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges via a malicious antivir.exe file in the "C:\Program Files\avira\" directory.

Vulnerable Systems

Application

  • Avira Antivir

  • Avira Antivir -

  • Avira Antivir Security Suite -


References

XF - avira-createprocess-privilege-escalation(46568)

VUPEN - ADV-2008-3130

OSVDB - 55647

MISC - http://blog.zoller.lu/2009/01/tzo-2009-2-avira-antivir-priviledge.html

FULLDISC - 20090115 [TZO-2009-2] Avira Antivir - Priviledge escalation


Last Updated: 27 May 2016 10:51:01