Home / vulnerabilities Kaspersky Antivirus Incorrect %PROGRAMDATA% ACL
Posted on 17 November 2015
Source : packetstormsecurity.org Link
The ACL on %PROGRAMDATA%Kaspersky Lab allows BUILTINUsers to create new files. This can be abused to create new plugins and modules during update, and other filesystem races to gain elevated privileges.
