Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.810940
Category:General
Title:Bitdefender Internet Security DLL Loading Local Code Injection Vulnerability
Summary:Bitdefender Internet Security is prone to local code injection vulnerability.
Description:Summary:
Bitdefender Internet Security is prone to local code injection vulnerability.

Vulnerability Insight:
The flaw exists due to the product do not
use the Protected Processes feature, and therefore an attacker can enter an
arbitrary Application Verifier Provider DLL under Image File Execution Options
in the registry. The self-protection mechanism is intended to block all local
processes (regardless of privileges) from modifying Image File Execution Options
for this product. This mechanism can be bypassed by an attacker who
temporarily renames Image File Execution Options during the attack.

Vulnerability Impact:
Successful exploitation will allow local
attacker to bypass a self-protection mechanism, inject arbitrary code, and take
full control of any Bitdefender process via a 'DoubleAgent' attack.

Affected Software/OS:
Bitdefender Internet Security 12.0
(and earlier).

Solution:
Update Bitdefender to the latest version and ensure that the build version matches at least the following version: 21.0.24.62

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 97024
Common Vulnerability Exposure (CVE) ID: CVE-2017-6186
http://www.securityfocus.com/bid/97024
http://cybellum.com/doubleagent-taking-full-control-antivirus/
http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.