CVE-2009-4215 Information

Description

Panda Global Protection 2010 Internet Security 2010 and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files which allows local users to gain privileges by replacing executables with Trojan horse programs.

Reference

http://secunia.com/advisories/37373 http://www.pandasecurity.com/homeusers/support/card?id=80164&idIdioma=2 http://www.securityfocus.com/archive/1/507811/100/0/threaded http://www.securitytracker.com/id?1023121 http://www.vupen.com/english/advisories/2009/3126 https://exchange.xforce.ibmcloud.com/vulnerabilities/54268