CVE-2007-4191

Panda Antivirus 2008 - Privilege Escalation

Title source: llm

Description

Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657.

Exploits (1)

exploitdb WORKING POC VERIFIED

by tarkus · clocalwindows

https://www.exploit-db.com/exploits/4257

View Code ZIP pw:eip

References (10)

[Exploit] http://www.securityfocus.com/bid/25186

[Various Sources] http://www.pandasecurity.com/homeusers/support/card?id=41111&idIdioma=2&ref=PAV08Dev

[Various Sources] https://tiifp.org/tarkus/advisories/panda030707.txt

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/475373/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/480022/100/100/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/480443/100/100/threaded

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018722

[Third Party Advisory] http://secunia.com/advisories/26336

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2784

[Third Party Advisory] http://securityreason.com/securityalert/2968

Scores

EPSS 0.0009

EPSS Percentile 26.0%

Details

Status published

Products (1)

panda/panda_antivirus 2008

Published Aug 08, 2007

Tracked Since Feb 18, 2026