New User, Welcome!     Login

QuickHeal Anti/virus

{PRL} QuickHeal antivirus 2010 Local Privilege Escalation

#####################################################################################

Application:  QuickHeal antivirus 2010 Local Privilege Escalation
            
Platforms:    Windows Vista SP2

Exploitation: Local Privilege Escalation

Date:         2009-12-16

Quick Heal Local Privilege Escalation Vulnerability

Source: http://www.quickheal.co.in

VULNERABLE PRODUCTS

Quick Heal Antivirus Plus 2009 for Desktop (v.10.00 SP1)
Quick Heal Total Security 2009 (v.10.00 SP1)

DETAILS

Quick Heal installs the own program files with insecure permissions (Everyone: Full Control). Local attacker (unprivileged user) can replace some files (for example, executable files of Quick Heal services) by malicious file and execute arbitrary code with SYSTEM privileges. This is local privilege escalation vulnerability.


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!