Vulnerabilites related to pandasecurity - panda_global_protection_2014
Vulnerability from fkie_nvd
Published
2014-05-23 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pandasecurity | panda_av_pro_2014 | 13.01.01 | |
| pandasecurity | panda_global_protection_2014 | 7.01.01 | |
| pandasecurity | panda_gold_protection | 7.01.01 | |
| pandasecurity | panda_internet_security_2014 | 19.01.01 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pandasecurity:panda_av_pro_2014:13.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4D460313-7449-4E31-823C-A9E6E69EBE12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_global_protection_2014:7.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "21487CF6-3901-4043-9FB8-981468D3F038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_gold_protection:7.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "B82CC751-63DC-4CE3-BC4C-C85DCDC53836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_internet_security_2014:19.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "C264F379-8143-423B-B678-A0CB7FB16D3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Panda Gold Protection y Global Protection 2014 7.01.01 y anteriores, Internet Security 2014 19.01.01 y anteriores y AV Pro 2014 13.01.01 y anteriores permite a usuarios locales ganar privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3450",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-23T14:55:11.617",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2014/May/89"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532163/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/67527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/May/89"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532163/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67527"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-26 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pandasecurity | panda_av_pro_2014 | 13.01.01 | |
| pandasecurity | panda_global_protection_2014 | 7.01.01 | |
| pandasecurity | panda_internet_security_2014 | 19.01.01 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pandasecurity:panda_av_pro_2014:13.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4D460313-7449-4E31-823C-A9E6E69EBE12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_global_protection_2014:7.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "21487CF6-3901-4043-9FB8-981468D3F038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_internet_security_2014:19.01.01:*:*:*:*:*:*:*",
"matchCriteriaId": "C264F379-8143-423B-B678-A0CB7FB16D3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en el controlador del modo de kernel PavTPK.sys de los productos Panda Security 2014 anterior a hft131306s24_r1 permite a usuarios locales ganar privilegios a trav\u00e9s de un argumento manipulado en una llamada IOCTL 0x222008."
}
],
"id": "CVE-2014-5307",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-26T14:55:06.127",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2014/Aug/53"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/533182/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/69293"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95382"
},
{
"source": "cve@mitre.org",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/Aug/53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533182/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-3450 (GCVE-0-2014-3450)
Vulnerability from cvelistv5
Published
2014-05-23 14:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/May/89"
},
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532163/100/0/threaded"
},
{
"name": "67527",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/May/89"
},
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532163/100/0/threaded"
},
{
"name": "67527",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67527"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/May/89"
},
{
"name": "20140520 CVE-2014-3450 - Privilege Escalation in Panda Security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532163/100/0/threaded"
},
{
"name": "67527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67527"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3450",
"datePublished": "2014-05-23T14:00:00",
"dateReserved": "2014-05-09T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5307 (GCVE-0-2014-5307)
Vulnerability from cvelistv5
Published
2014-08-26 14:00
Modified
2024-08-06 11:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:48.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/53"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html"
},
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533182/100/0/threaded"
},
{
"name": "69293",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69293"
},
{
"name": "panda-security-cve20145307-bo(95382)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95382"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/53"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html"
},
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533182/100/0/threaded"
},
{
"name": "69293",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69293"
},
{
"name": "panda-security-cve20145307-bo(95382)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95382"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Aug/53"
},
{
"name": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html"
},
{
"name": "20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533182/100/0/threaded"
},
{
"name": "69293",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69293"
},
{
"name": "panda-security-cve20145307-bo(95382)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95382"
},
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5307",
"datePublished": "2014-08-26T14:00:00",
"dateReserved": "2014-08-16T00:00:00",
"dateUpdated": "2024-08-06T11:41:48.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}