AVG AntiVirus < 7.5.476 avg7core.sys Local Privilege Escalation

High Nessus Network Monitor Plugin ID 4131

Synopsis

The remote host is vulnerable to a local privilege escalation flaw.

Description

The remote host is running AVG Antivirus. This version of AVG is reported to be prone to a flaw where a local attacker can escalate privileges and gain administrative access to the application or system. An attacker exploiting this flaw would need to be locally authenticated. Successful exploitation would result in the attacker gaining SYSTEM access.

Solution

Upgrade to version 7.5.476 or higher.

See Also

http://www.grisoft.com/doc/31/us/crp/0?prd=avw

Plugin Details

Severity: High

ID: 4131

File Name: 4131.prm

Family: Web Clients

Published: 2007/07/11

Modified: 2016/01/22

Dependencies: 1735, 8314, 1769

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.4

Temporal Score: 7.3

Vector: CVSS3#AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2007-3777

BID: 24870