All the vulnerabilites related to avast - avast_antivirus
Vulnerability from fkie_nvd
Published
2007-05-09 00:19
Modified
2024-11-21 00:28
Severity ?
Summary
avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | avast_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC3BF13-2946-411E-93A5-0C3AF0508C60",
"versionEndIncluding": "4.7.980",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
},
{
"lang": "es",
"value": "avast! antivirus versiones anteriores a 4.7.981 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entradas de directorio que apuntan a un fichero previo."
}
],
"id": "CVE-2007-1672",
"lastModified": "2024-11-21T00:28:53.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35794"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25137"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1701"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-12 18:30
Modified
2024-11-21 00:54
Severity ?
Summary
avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | avast_antivirus | 4.8.1281.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.8.1281.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64A9C0CB-F7D0-47BE-85E8-E709C27DA283",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
},
{
"lang": "es",
"value": "avast! antivirus v4.8.1281.0, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detecci\u00f3n de malware en un documento HTML colocando una cabecera MZ (alias \"EXE info\") al principio, y modificar el nombre del archivo a (1 ) sin extensi\u00f3n, (2) una extensi\u00f3n. txt, o (3) una extensi\u00f3n .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745."
}
],
"id": "CVE-2008-5523",
"lastModified": "2024-11-21T00:54:15.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-12T18:30:02.717",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-18 10:59
Modified
2024-11-21 02:33
Severity ?
Summary
Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | avast_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC4F2FD-D9B9-4391-9A1F-5AFE90057982",
"versionEndIncluding": "151017-1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en Avast en versiones anteriores a 150918-0 permite a atacantes remotos borrar o escribir en archivos arbitrarios a trav\u00e9s de una entrada manipulada en un archivo ZIP"
}
],
"id": "CVE-2015-5662",
"lastModified": "2024-11-21T02:33:34.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-18T10:59:02.407",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25576608/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securitytracker.com/id/1033860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25576608/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033860"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-24 18:30
Modified
2024-11-21 00:31
Severity ?
Summary
Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | avast_antivirus | * | |
| avast | avast_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9CDF74-30DE-4933-9B16-228FDD16ACA8",
"versionEndIncluding": "4.6.394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F08F3453-3BE8-4FCA-BAC9-7E6860F09CDC",
"versionEndIncluding": "4.7.652",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en el desempaquetador CAB del avast! Anti-Virus Managed Client anterior al 4.7.700 permite a atacantes con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo CAB modificado, resultado de un \"redondeo de conversi\u00f3n a entero\""
}
],
"id": "CVE-2007-2845",
"lastModified": "2024-11-21T00:31:47.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-24T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36523"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25380"
},
{
"source": "cve@mitre.org",
"url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24132"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018108"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1935"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-02 10:30
Modified
2024-11-21 00:57
Severity ?
Summary
Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | avast_antivirus | 1.0.5 | |
| avast | avast_antivirus | 1.0.5-1 | |
| avast | avast_antivirus | 1.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:1.0.5:-:linux_home:*:*:*:*:*",
"matchCriteriaId": "D79D8C5A-C8C2-454B-8BA1-063680006E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:1.0.5-1:-:linux_home:*:*:*:*:*",
"matchCriteriaId": "824F2066-0D51-4DA2-8DF2-2DA2DB046470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:1.0.8:-:linux_home:*:*:*:*:*",
"matchCriteriaId": "1924B367-9A74-4EAC-81C1-D90E4BC1F4E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
},
{
"lang": "es",
"value": "M\u00faltiple desbordamiento de b\u00fafer basado en pila en avast! Linux Home Edition v1.0.5, v1.0.5-1, y v1.0.8 que permite a los atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar arbitrariamente c\u00f3digo a trav\u00e9s de ficheros malformados (1) ISO o (2) RPM."
}
],
"id": "CVE-2008-6846",
"lastModified": "2024-11-21T00:57:36.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-07-02T10:30:00.280",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52016"
},
{
"source": "cve@mitre.org",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32747"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3460"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-09 01:19
Modified
2024-11-21 00:28
Severity ?
Summary
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF6FAE-B025-4F70-9F52-C7C12C6F705D",
"versionEndIncluding": "2.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC3BF13-2946-411E-93A5-0C3AF0508C60",
"versionEndIncluding": "4.7.980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.6.394:*:*:*:*:*:*:*",
"matchCriteriaId": "8683D747-C092-4841-AABF-280D7EB771F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.7.652:*:*:*:*:*:*:*",
"matchCriteriaId": "D393356E-0464-41B6-9D56-2DCFC6900244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.7.700:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED7C89E-E28B-4BE9-952D-86A8D089B41D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1519A450-8F71-408A-81B8-AA6F337E7A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "48872452-2B26-44C4-A9FF-0D9D23AAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.652:*:*:*:*:*:*:*",
"matchCriteriaId": "275D7948-61FB-4415-A9EB-59EEF9757149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.655:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCC4081-D877-4DE3-9342-59BCE7C41CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.665:*:*:*:*:*:*:*",
"matchCriteriaId": "B189DFCB-2307-43B4-8102-BA725CEE0711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.691:*:*:*:*:*:*:*",
"matchCriteriaId": "3C733E69-33B3-465B-B146-A68C26373E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF16A3D-BC29-4426-BDF5-F1C6E85228B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*",
"matchCriteriaId": "33A71A2C-36AC-4F36-9D94-AA824F4DE14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:*:*:*:*:*:*",
"matchCriteriaId": "E02983BB-F027-4967-A230-933299D2D061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*",
"matchCriteriaId": "62618C12-3EAC-4434-B2A8-D83612F1A05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:*:*:*:*:*:*",
"matchCriteriaId": "238FB2B1-41CF-46DB-8ED7-7F2B6609C27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*",
"matchCriteriaId": "B949535B-9771-4AC6-BBDB-8BB3A789A1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:*:*:*:*:*:*",
"matchCriteriaId": "97FEA351-FFF6-4452-9A2B-A7AAF4D7EE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*",
"matchCriteriaId": "DC6DA89A-BF71-4031-9B51-E5941FDE5E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "18837F1C-8ECD-4202-9489-08D63FB28CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*",
"matchCriteriaId": "DB201D49-EB74-4A5D-B641-86C4429E3EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "231DDF5E-5026-4844-8374-45F0926F8C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8822D55C-FEE7-41B5-A8D5-8D9F514CF815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.603:*:*:*:*:*:*:*",
"matchCriteriaId": "B89C0CA4-00DE-4CAD-B554-36C46815A919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.652:*:*:*:*:*:*:*",
"matchCriteriaId": "A618B922-80E7-4769-90BA-5FE231DA6B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.665:*:*:*:*:*:*:*",
"matchCriteriaId": "40F19B83-BAD9-4CDC-95C5-6D352F223AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.691:*:*:*:*:*:*:*",
"matchCriteriaId": "762B6C23-5ADD-4221-8146-DF9CE95637BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3B1651-DC3E-43B8-A5A4-8BEF7D668EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:windows:*:*:*:*:*",
"matchCriteriaId": "DF2D8C10-01E4-43D7-93EE-342BA7E9C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0980CA-26A4-468E-82F3-E03953250343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:windows:*:*:*:*:*",
"matchCriteriaId": "AAB7888A-E884-4C73-AF10-698C56E080F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.869:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5B2325-D8EE-4D1E-8291-740726FC1EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0EF168-1F0D-4772-8922-0A75CAF28661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:windows:*:*:*:*:*",
"matchCriteriaId": "1F7F2957-4422-4891-B573-F68882D7C8E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAED694-2497-488B-A2AB-0781501678F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD00670-7EC0-4AA4-98EF-C8AE38330284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:6.35.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C23C179C-B50E-4F47-BFFA-85848131C99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.04.00.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5C813AD8-5D73-41DF-B710-3CEB20FB9EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B38A75AF-D8B4-4B54-87E9-6EED562CAAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:classic:*:*:*:*:*",
"matchCriteriaId": "5DB520B5-36E8-4F4B-99FF-0FF3F708CC8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:premium:*:*:*:*:*",
"matchCriteriaId": "BECD1C6B-EC0F-4203-BA12-F8B02472FF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD267D52-D580-4460-AFF9-E5BA478A98FA",
"versionEndIncluding": "7.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:7:*:*:*:*:*:*:*",
"matchCriteriaId": "64D94528-A54F-439B-8584-57A82CDF7318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:7:*:classic:*:*:*:*:*",
"matchCriteriaId": "DB66A5A4-6758-438D-9155-7475A5406DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F9AF4F-E974-4D6F-AF51-0DA7A59E64FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DBEED1-0648-45F3-AFC2-91C872A1B098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:picozip:picozip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD36471-D8DC-4B11-B53B-264AB1560063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rahul_dhesi:zoo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79845C9F-7884-4F77-B492-4A944D3DCCEA",
"versionEndIncluding": "2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unzoo:unzoo:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B93C2E82-03E5-42CE-A589-B82FBCBE7D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winace:winace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7B6EE8-25D5-4C89-A0B8-A069D330A9D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D03D666-D234-4626-82F9-EC5726BE1920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_100:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BEEFB2-C6ED-43D5-B535-623931C38890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_200:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ECF7F8-A29F-4868-9DE5-4227E5DA2285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_300:*:*:*:*:*:*:*",
"matchCriteriaId": "6A897043-9003-4F27-8C7D-AE6B2BD0389C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_400:*:*:*:*:*:*:*",
"matchCriteriaId": "1F05FEF8-6B34-4874-AD6B-A053415BD939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_500:*:*:*:*:*:*:*",
"matchCriteriaId": "D28FAD61-3723-4CCC-B890-C5869E7AC3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_600:*:*:*:*:*:*:*",
"matchCriteriaId": "7697AAC2-EC8A-496E-9336-29AAE61CD69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_800:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA47F3A-44BA-4011-8A44-1AE54D02E772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_900:*:*:*:*:*:*:*",
"matchCriteriaId": "423620AD-EA6A-4730-B97A-DF67247372BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
},
{
"lang": "es",
"value": "El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versi\u00f3n 2.4.1 y anteriores, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior."
}
],
"evaluatorSolution": "http://xforce.iss.net/xforce/xfdb/34080\r\n\r\n\r\nFor Barracuda Spam Firewall:\r\nUpgrade to the latest virus definition version of Barracuda Spam Firewall (virusdef 2.0.6399 for 3.4 and after or virusdef 2.0.6399o for prior to 3.4), available from the automatic update.\r\n\r\nFor Panda Software Antivirus:\r\nUpgrade to the latest version of Panda Software Antivirus (4/2/2007 or later), available from the automatic update feature.\r\n\r\nFor avast! antivirus:\r\nUpgrade to the latest version of Panda Software Antivirus (4.7.981 or later), available from the avast! antivirus Web site. See references.\r\n\r\nFor Avira AntiVir:\r\nUpgrade to the latest version of Avira AntiVir (avpack32.dll version 7.3.0.6 or later), available from the automatic update feature.\r\n\r\nFor AMaViS:\r\nRefer to ASA-2007-2 for patch, upgrade, or suggested workaround information. See References.",
"id": "CVE-2007-1673",
"lastModified": "2024-11-21T00:28:54.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36208"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25315"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "cve@mitre.org",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2007-1672
Vulnerability from cvelistv5
Published
2007-05-09 00:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23823 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25137 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/467646/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2007/1701 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/35794 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/2680 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25137"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "ADV-2007-1701",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1701"
},
{
"name": "35794",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35794"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25137"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "ADV-2007-1701",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1701"
},
{
"name": "35794",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35794"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25137"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "ADV-2007-1701",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1701"
},
{
"name": "35794",
"refsource": "OSVDB",
"url": "http://osvdb.org/35794"
},
{
"name": "2680",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2680"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1672",
"datePublished": "2007-05-09T00:00:00",
"dateReserved": "2007-03-24T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2845
Vulnerability from cvelistv5
Published
2007-05-24 18:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around".
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=full-disclosure&m=118000321419384&w=2 | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34477 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/469469/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/25380 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.avast.com/eng/adnm-management-client-revision-history.html | x_refsource_CONFIRM | |
| http://osvdb.org/36523 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1018108 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/24132 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/1935 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:53.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
},
{
"name": "avast-cab-bo(34477)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
},
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
},
{
"name": "25380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25380"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
},
{
"name": "36523",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36523"
},
{
"name": "1018108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018108"
},
{
"name": "24132",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24132"
},
{
"name": "ADV-2007-1935",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1935"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
},
{
"name": "avast-cab-bo(34477)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
},
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
},
{
"name": "25380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25380"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
},
{
"name": "36523",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36523"
},
{
"name": "1018108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018108"
},
{
"name": "24132",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24132"
},
{
"name": "ADV-2007-1935",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1935"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
},
{
"name": "avast-cab-bo(34477)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
},
{
"name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
},
{
"name": "25380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25380"
},
{
"name": "http://www.avast.com/eng/adnm-management-client-revision-history.html",
"refsource": "CONFIRM",
"url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
},
{
"name": "36523",
"refsource": "OSVDB",
"url": "http://osvdb.org/36523"
},
{
"name": "1018108",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018108"
},
{
"name": "24132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24132"
},
{
"name": "ADV-2007-1935",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1935"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2845",
"datePublished": "2007-05-24T18:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:57:53.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6846
Vulnerability from cvelistv5
Published
2009-07-02 10:00
Modified
2024-08-07 11:42
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/52016 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/32747 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/499080/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2008/3460 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47251 | vdb-entry, x_refsource_XF | |
| http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:42:00.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52016",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52016"
},
{
"name": "32747",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32747"
},
{
"name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
},
{
"name": "ADV-2008-3460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3460"
},
{
"name": "avast-home-iso-rpm-bo(47251)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52016",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52016"
},
{
"name": "32747",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32747"
},
{
"name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
},
{
"name": "ADV-2008-3460",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3460"
},
{
"name": "avast-home-iso-rpm-bo(47251)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52016",
"refsource": "OSVDB",
"url": "http://osvdb.org/52016"
},
{
"name": "32747",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32747"
},
{
"name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
},
{
"name": "ADV-2008-3460",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3460"
},
{
"name": "avast-home-iso-rpm-bo(47251)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
},
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6846",
"datePublished": "2009-07-02T10:00:00",
"dateReserved": "2009-07-02T00:00:00",
"dateUpdated": "2024-08-07T11:42:00.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5523
Vulnerability from cvelistv5
Published
2008-12-12 18:13
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/4723 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/499043/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/498995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:47.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5523",
"datePublished": "2008-12-12T18:13:00",
"dateReserved": "2008-12-12T00:00:00",
"dateUpdated": "2024-08-07T10:56:47.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5662
Vulnerability from cvelistv5
Published
2015-10-18 10:00
Modified
2024-08-06 06:59
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160 | third-party-advisory, x_refsource_JVNDB | |
| http://www.securitytracker.com/id/1033860 | vdb-entry, x_refsource_SECTRACK | |
| http://jvn.jp/en/jp/JVN25576608/index.html | third-party-advisory, x_refsource_JVN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:03.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2015-000160",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
},
{
"name": "1033860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033860"
},
{
"name": "JVN#25576608",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN25576608/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2015-000160",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
},
{
"name": "1033860",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033860"
},
{
"name": "JVN#25576608",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN25576608/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-5662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000160",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
},
{
"name": "1033860",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033860"
},
{
"name": "JVN#25576608",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN25576608/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-5662",
"datePublished": "2015-10-18T10:00:00",
"dateReserved": "2015-07-24T00:00:00",
"dateUpdated": "2024-08-06T06:59:03.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1673
Vulnerability from cvelistv5
Published
2007-05-09 01:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.amavis.org/security/asa-2007-2.txt | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/36208 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/23823 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25315 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/467646/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/2680 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.amavis.org/security/asa-2007-2.txt",
"refsource": "CONFIRM",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"refsource": "OSVDB",
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2680"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1673",
"datePublished": "2007-05-09T01:00:00",
"dateReserved": "2007-03-24T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}