CVE-2006-1355

avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.

Published: Mar 22, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1355
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
alwil / avast_antivirus	-	4.6.763.x

http://forum.avast.com/index.php?topic=19862.0
http://secunia.com/advisories/19284
http://www.dslreports.com/forum/remark,15601404~days=9999~start=20
http://www.dslreports.com/forum/remark%2C15601404~days=9999~start=20
http://www.securityfocus.com/bid/17158
http://www.vupen.com/english/advisories/2006/1011
https://exchange.xforce.ibmcloud.com/vulnerabilities/25336

Vulnerability Database

289,784

CVE-2006-1355