CVE DATABASE / CVE-2009-3482
CVE-2009-3482
CVSS 7.8 · HIGH
Summary
TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by replacing executables with Trojan horse programs.
CVSS 3.1 breakdown
| Base score | 7.8 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Trustport antivirusTrustport pc security
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://secunia.com/advisories/36880
- http://www.securityfocus.com/archive/1/506751/100/0/threaded
- http://www.trustport.com/en/notices/security-update-of-trustport-products
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.