exploit-db-mirror/exploits/windows/local/10475.txt

#####################################################################################

Application:  QuickHeal antivirus 2010 Local Privilege Escalation

Platforms:    Windows Vista SP2

Exploitation: Local Privilege Escalation

Date:         2009-12-16

Author:       Francis Provencher (Protek Research Lab's)


#####################################################################################

1) Introduction
2) Technical details
3) The Code (N/A)


#####################################################################################

===============
1) Introduction
===============
QuickHeal antivirus 2010

Quick Heal AntiVirus 2010, with its intuitive and easy-to-use interface, provides hassle-free protection for your system. Once

installed it acts as a shield against viruses, worms, trojans, spywares and other malicious threats. It also provides protection

against new and unknown viruses using Quick Heal's renowned DNAScan technology, and blocks malicious websites. Quick Heal AntiVirus

2010 is very low on resource usage and gives enhanced protection without slowing down your computer.

(from QuickHeal Anti-virus website)


#####################################################################################

============================
2) Technical details
============================

QuickHeal antivirus 2010
Build 11.00 (4.0.0.1)

All files under the install folder have Full control for BUILTIN\users and can be replace with malicious files.

.... snip ...


C:\Program Files\Quick Heal\Quick Heal AntiVirus\SCANWSCS.EXE Everyone:(ID)F


.... snip ...



#####################################################################################

===========
3) The Code
===========

N\A


#####################################################################################
(PRL-2009-25)