Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Panda ActiveScan Multiple Vulnerabilities

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News
View previous topic :: View next topic  
Author Message
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

PostPosted: Thu Nov 16, 2006 10:27 am    Post subject: Panda ActiveScan Multiple Vulnerabilities Reply with quote

Quote:
Secunia Research has discovered two vulnerabilities and a weakness in Panda ActiveScan, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a user's system.

1) The "Reinicializar()" method in the "ActiveScan.1" ActiveX control allows rebooting the system when invoked. This can be exploited by e.g. a malicious website to reboot a user's system without any user confirmation.

2) The "ObtenerTamano()" method in the "PAVPZ.SOS.1" ActiveX control returns the file size of a given local filename. This can be exploited by e.g. a malicious website to determine the presence of local files and the corresponding file sizes.

3) The "Analizar()" method in the "ActiveScan.1" ActiveX control is not thread safe. This can be exploited by e.g. a malicious website via a race condition to corrupt memory and execute arbitrary code.

The vulnerabilities are confirmed in version 5.53.00. Other versions may also be affected.

http://secunia.com/advisories/21763/
_________________
Microsoft MVP - Consumer Security 2007-2014
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group