SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Firewall)  >   Panda Internet Security Vendors:   Panda Software
Panda Internet Security Lets Local Users Bypass Anti-Malware Protection
SecurityTracker Alert ID:  1023965
SecurityTracker URL:  http://securitytracker.com/id/1023965
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 10 2010
Impact:   Modification of system information
Exploit Included:  Yes  
Version(s): 2010 15.01.00
Description:   A vulnerability was reported in Panda Internet Security. A local user can bypass certain anti-malware protection mechanisms.

A local user can load a specially crafted application to bypass the System Service Descriptor Table (SSDT) hooking anti-malware checks. The application can call a system service with legitimate parameters and then, after the hook handler has validated the parameters, switch certain arguments to execute malicious code without detection.

Matousec.com reported this vulnerability.

The original advisory is available at:

http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php

Impact:   A local user can bypass certain anti-malware protection mechanisms.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.pandasecurity.com/ (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC