Unrated severityNVD Advisory· Published Sep 9, 2006· Updated Apr 16, 2026

CVE-2006-4659

Description

The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses predictable URLs for the spam classification of each message, which allows remote attackers to cause Panda to classify arbitrary messages as spam via a web page that contains IMG tags with the predictable URLs. NOTE: this issue could also be regarded as a cross-site request forgery (CSRF) vulnerability.

Affected products

Panda Project/Panda Platinum Internet Security2 versions
cpe:2.3:a:panda:panda_platinum_internet_security:2006_10.02.01:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:panda:panda_platinum_internet_security:2006_10.02.01:*:*:*:*:*:*:*
- cpe:2.3:a:panda:panda_platinum_internet_security:2007_11.00.00:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.security.nnov.ru/advisories/pandais.aspnvdVendor Advisory
secunia.com/advisories/21769nvd
securityreason.com/securityalert/1524nvd
www.securityfocus.com/archive/1/445479/100/0/threadednvd
www.securityfocus.com/bid/19891nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000