vendor:
Quick Heal Antivirus Plus 2009 for Desktop
by:
ShineShadow Security Report
7.2
CVSS
HIGH
Local Privilege Escalation
264
CWE
Product Name: Quick Heal Antivirus Plus 2009 for Desktop
Affected Version From: Quick Heal Antivirus Plus 2009 for Desktop (v.10.00 SP1)
Affected Version To: Quick Heal Total Security 2009 (v.10.00 SP1)
Patch Exists: YES
Related CWE: CVE-2009-3286
CPE: a:quick_heal:quick_heal_antivirus_plus_2009
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1692/, https://www.rapid7.com/db/vulnerabilities/vmsa-2010-0009-1-service-console-update-cve-2009-3286/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-3286/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2009-3286/
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=42358, https://www.infosecmatter.com/nessus-plugin-library/?id=79470, https://www.infosecmatter.com/nessus-plugin-library/?id=44993, https://www.infosecmatter.com/nessus-plugin-library/?id=67068, https://www.infosecmatter.com/nessus-plugin-library/?id=65044, https://www.infosecmatter.com/nessus-plugin-library/?id=89737, https://www.infosecmatter.com/nessus-plugin-library/?id=44794, https://www.infosecmatter.com/nessus-plugin-library/?id=44780, https://www.infosecmatter.com/nessus-plugin-library/?id=89740, https://www.infosecmatter.com/nessus-plugin-library/?id=42990
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009
Quick Heal Local Privilege Escalation Vulnerability
Quick Heal installs the own program files with insecure permissions (Everyone: Full Control). Local attacker (unprivileged user) can replace some files (for example, executable files of Quick Heal services) by malicious file and execute arbitrary code with SYSTEM privileges.
Mitigation:
Vendor released a patch.