Rising Multiple Products Local Privilege Escalation Vulnerability

Vulnerable Systems:
* Rising Antivirus 2009 (21.62.04)
* Rising Internet Security 2009 (21.62.04)
* Rising Personal Firewall 2009 (21.62.04)

Rising installs its own program files with insecure permissions (Users: Full Control). A local attacker (an unprivileged user) can replace some files (for example, the executable files of Rising services) with a malicious file and execute arbitrary code with SYSTEM privileges. This is a local privilege escalation vulnerability.

An attacker must have valid logon credentials to a system where vulnerable software is installed.
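
The condition described above (service executables and their folders writable by Users) can be audited with the PowerShell below. It is an added example, not part of the original advisory or any vendor tooling; it assumes PowerShell 3.0 or later and checks every registered service, because the advisory does not list Rising's install paths. `Test-WeakAcl` is a hypothetical helper name.

```powershell
# Added audit example (not from the advisory): list service executables, and
# their folders, that low-privileged principals are allowed to modify.
# Well-known SIDs are used instead of names so the check is locale-independent.
$lowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-4',       # INTERACTIVE
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545'   # BUILTIN\Users
)

# Rights that allow replacing a file or changing who may replace it.
$R = [System.Security.AccessControl.FileSystemRights]
$riskyMask = [int]($R::WriteData -bor $R::AppendData -bor $R::Delete -bor
                   $R::DeleteSubdirectoriesAndFiles -bor
                   $R::ChangePermissions -bor $R::TakeOwnership)
$riskyMask = $riskyMask -bor 0x10000000 -bor 0x40000000  # GENERIC_ALL, GENERIC_WRITE

function Test-WeakAcl {   # hypothetical helper: emits one object per risky ACE
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return }
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $lowPrivSids -contains $_.IdentityReference.Value -and
            ([int]$_.PropagationFlags -band 2) -eq 0 -and   # skip inherit-only ACEs
            ([int]$_.FileSystemRights -band $riskyMask) -ne 0
        } |
        ForEach-Object {
            [pscustomobject]@{ Path = $Path; Sid = $_.IdentityReference.Value; Rights = $_.FileSystemRights }
        }
}

# Extract the executable from each service command line (quoted or unquoted).
Get-CimInstance -ClassName Win32_Service |
    ForEach-Object {
        if ($_.PathName -match '^\s*"([^"]+)"|^\s*(\S.*?\.exe)') {
            $exe = if ($Matches[1]) { $Matches[1] } else { $Matches[2] }
            Test-WeakAcl -Path $exe
            Test-WeakAcl -Path (Split-Path -Path $exe -Parent)
        }
    } | Sort-Object Path, Sid -Unique | Format-Table -AutoSize
```

Any row in the output is a file or folder behind a service that an unprivileged account can alter; on a correctly configured system the table is empty.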

Disclosure Timeline:
31/08/2009 Initial vendor notification. Secure contacts requested.
31/08/2009 Vendor response
12/10/2009 Vendor response that the release date is unknown
28/10/2009 Advisory released

http://www.securiteam.com/securitynews/6O0060KQ0A.html

Published Tue, Nov 3 2009 9:06 by donna
