HNS MAIN FEED
Saturday, 05:12 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Avast! Insecure Program File Permissions Local Privilege Escalation
03 November 2009
Avast! Antivirus is an application that provides virus protection. The application is exposed to a local privilege escalation issue because it installs the "avast4.ini" file in the data folder "%Program Files%Alwil SoftwareAvast4Data" with "Full Control" permissions for the "Everyone" group. Avast! Professional Edition version 4.8.1351 and earlier and Avast! Home are affected. Edition version 4.8.1351 and earlier are affected by this issue.
Ref: http://www.avast.com/eng/avast-4-home_pro-revision-history.html
09.44.6 - CVE: CVE-2009-3524
Platform: Third Party Windows Apps
Ref: http://www.avast.com/eng/avast-4-home_pro-revision-history.html
09.44.6 - CVE: CVE-2009-3524
Platform: Third Party Windows Apps