‘QuickHeal Antivirus 2010 Local Privilege Escalation’

Summary

All files under the install folder have Full control for BUILTINusers and can be replace with malicious files.’

Credit:

‘The information has been provided by Francis Provencher.’


Details

Vulnerable Systems:
 * QuickHeal Antivirus 2010 Build 11.00 (4.0.0.1)

Example:
C:Program FilesQuick HealQuick Heal AntiVirusSCANWSCS.EXE Everyone:(ID)F

Disclosure Timeline:
2009-12-16: Release’

Categories: Exploits