vendor:
Panda Security 2016 Home User products for Windows
by:
Kyriakos Economou
7.8
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: Panda Security 2016 Home User products for Windows
Affected Version From: Panda Security URL Filtering < v4.3.1.9
Affected Version To: Panda Security URL Filtering v4.3.1.9
Patch Exists: YES
Related CWE: CVE-2015-7378
CPE: a:panda_security:panda_security_url_filtering:4.3.1.9
Platforms Tested: Windows
2016
Privilege Escalation in Panda Security 2016 Home User products for Windows
The Panda Security 2016 Home User products for Windows are vulnerable to privilege escalation, allowing a local attacker to execute code as SYSTEM from any account (Guest included), thus completely compromising the affected host.
Mitigation:
Upgrade to Panda Security URL Filtering v4.3.1.9 or later.