CVE-2006-1355 — Avast Antivirus vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 85.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Alwil Avast Antivirus

Timeline

PublishedMar 22

Latest updateMay 1

Description

avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDalwil/avast_antivirus4.6.763

🔴Vulnerability Details

GHSA

GHSA-xqq5-jv4j-qg87: avast! Antivirus 4↗2022-05-01

▶

CVEList

CVE-2006-1355: avast! Antivirus 4↗2006-03-22

▶