Test ID:	1.3.6.1.4.1.25623.1.0.811556
Category:	General
Title:	Panda Kernel Memory Access Driver Code Execution Vulnerability
Summary:	Panda Security products is prone to a code execution vulnerability.
Description:	Summary: Panda Security products is prone to a code execution vulnerability. Vulnerability Insight: The flaw is due to an insufficient validation of user-supplied input to the PSKMAD.sys kernel driver implemented in the affected products. Vulnerability Impact: Successful exploitation will allow the an authenticated, local attacker to pass malicious input to the affected driver. If processed, an attacker could execute arbitrary code with kernel-level privileges. Affected Software/OS: Panda Gold Protection 2015 PSKMAD.sys version 1.0.0.13 Panda Global Protection 2015 PSKMAD.sys version1.0.0.13 Panda Internet Security 2015 PSKMAD.sys version 1.0.0.13 Panda Antivirus Pro 2015 PSKMAD.sys version 1.0.0.13. Solution: Upgrade to Panda Products version 15.1.0 or later or apply the safeguards as mentioned below. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1438 BugTraq ID: 75715 http://www.securityfocus.com/bid/75715 http://seclists.org/fulldisclosure/2015/Jul/61 http://seclists.org/fulldisclosure/2015/Jul/42 http://packetstormsecurity.com/files/132682/Panda-Security-1.0.0.13-Arbitrary-Code-Execution.html https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-1438/
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.