First published: Tue Dec 03 2019(Updated: )
Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Maxpcsecure Anti Virus Plus | =19.0.4.020 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Max Secure Anti Virus Plus is CVE-2019-19382.
The severity level of CVE-2019-19382 is high with a score of 7.8.
CVE-2019-19382 is a vulnerability in Max Secure Anti Virus Plus 19.0.4.020 that allows local attackers to replace .exe or .dll files and achieve privilege escalation due to insecure permissions on the installation directory.
Local attackers can exploit CVE-2019-19382 by replacing a .exe or .dll file in the Max Secure Anti Virus Plus installation directory.
Yes, references for CVE-2019-19382 can be found at the following URLs: [http://hyp3rlinx.altervista.org](http://hyp3rlinx.altervista.org), [http://packetstormsecurity.com/files/155506/Max-Secure-Anti-Virus-Plus-19.0.4.020-Insecure-Permissions.html](http://packetstormsecurity.com/files/155506/Max-Secure-Anti-Virus-Plus-19.0.4.020-Insecure-Permissions.html)