Unrated severityNVD Advisory· Published Jan 4, 2010· Updated Apr 23, 2026

CVE-2009-4556

Description

Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security 2009 10.00 SP1 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs, as demonstrated by replacing quhlpsvc.exe.

Affected products

Quickheal/Antivirus Plus 2009
cpe:2.3:a:quickheal:antivirus_plus_2009:10.00:sp1:*:*:*:*:*:*
Quickheal/Total Security 2009
cpe:2.3:a:quickheal:total_security_2009:10.00:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/37033nvdVendor Advisory
www.securityfocus.com/archive/1/507121/100/0/threadednvd
www.securityfocus.com/bid/36662nvd
exchange.xforce.ibmcloud.com/vulnerabilities/53746nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000