NuytsTech Security

CVE-2007-4649

by ·

MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe.

Date published : 2007-08-31

http://www.securityfocus.com/bid/25493

http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065509.html

Tags: