Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.810940 |
Category: | General |
Title: | Bitdefender Internet Security DLL Loading Local Code Injection Vulnerability |
Summary: | Bitdefender Internet Security is prone to local code injection vulnerability. |
Description: | Summary: Bitdefender Internet Security is prone to local code injection vulnerability. Vulnerability Insight: The flaw exists due to the product do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry. The self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for this product. This mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Vulnerability Impact: Successful exploitation will allow local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a 'DoubleAgent' attack. Affected Software/OS: Bitdefender Internet Security 12.0 (and earlier). Solution: Update Bitdefender to the latest version and ensure that the build version matches at least the following version: 21.0.24.62 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
BugTraq ID: 97024 Common Vulnerability Exposure (CVE) ID: CVE-2017-6186 http://www.securityfocus.com/bid/97024 http://cybellum.com/doubleagent-taking-full-control-antivirus/ http://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/ |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |