CVE-2009-2761

high

Description

Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges via a malicious antivir.exe file in the "C:\Program Files\avira\" directory.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46568

http://www.vupen.com/english/advisories/2008/3130

http://www.osvdb.org/55647

http://blog.zoller.lu/2009/01/tzo-2009-2-avira-antivir-priviledge.html

http://archives.neohapsis.com/archives/bugtraq/2009-01/0146.html

Details

Source: Mitre, NVD

Published: 2009-08-13

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00053