Affected Versions:
Panda Antivirus Pro 2010 Panda Internet Security 2010 Panda Global Protection 2010
Vulnerability description:
Bugtraq id: 41428 Panda guard is a series of anti-virus products launched by Panda Software in China. RKPavProc used by multiple pandatv Anti-Virus products. the sys kernel driver does not properly process user-sent IOCTL requests. Local Users can trigger NULL pointer reference or stack overflow by executing malicious programs, resulting in kernel crash or arbitrary kernel state code execution.
<* Reference
Http://secunia.com/advisories/40462/
Http://www.ntinternals.org/ntiadv0905/ntiadv0905.html
*>Security suggestions:
Vendor patch: Panda ----- the current manufacturer has released the upgrade patch to fix this security problem, please go to the vendor's home page download: http://www.pandasecurity.com/homeusers/support/card? Id = 80184 & idIdioma = 2