Search criteria
53 vulnerabilities found for nod32_antivirus by eset_software
FKIE_CVE-2007-3971
Vulnerability from fkie_nvd - Published: 2007-07-25 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9378BC44-94CD-4066-BC60-192538C4030A",
"versionEndIncluding": "2.2289",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop."
},
{
"lang": "es",
"value": "Desbordamiento de entero en ESET NOD32 Antivirus versiones anteriores a 2.2289 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de CPU y disco) mediante un fichero comprimido ASPACK manipulado, que dispara un bucle infinito."
}
],
"id": "CVE-2007-3971",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-25T17:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37977"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26124"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2923"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018436"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-3972
Vulnerability from fkie_nvd - Published: 2007-07-25 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9378BC44-94CD-4066-BC60-192538C4030A",
"versionEndIncluding": "2.2289",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error."
},
{
"lang": "es",
"value": "ESET NOD32 Antivirus anterior a 2.2289 permite a atacantes remotos provocar denegaci\u00f3n de servicio a trav\u00e9s de archivos (1) ASPACK manipulados o (2) paquetes FSG, el cual dispara un error de divisi\u00f3n por cero."
}
],
"id": "CVE-2007-3972",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-25T17:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37978"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26124"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2924"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2852
Vulnerability from fkie_nvd - Published: 2007-05-24 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | 2.70.37.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:2.70.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2540859E-4444-41B6-8630-FAFB4AB71F90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el Antivirus ESET NOD32 para versiones anteriores a la 2.70.37.0 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n durante (1) el borrado/desinfecci\u00f3n o (2) las operaciones de renombrado a trav\u00e9s de un nombre de directorio modificado."
}
],
"id": "CVE-2007-2852",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-24T19:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36650"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25375"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2733"
},
{
"source": "cve@mitre.org",
"url": "http://www.eset.com/support/news.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24098"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eset.com/support/news.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6676
Vulnerability from fkie_nvd - Published: 2006-12-21 01:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | * | |
| eset_software | nod32_antivirus | 1.0.11 | |
| eset_software | nod32_antivirus | 1.0.12 | |
| eset_software | nod32_antivirus | 1.0.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC701F4-5BF7-4AC0-9E9D-970C45409F3F",
"versionEndIncluding": "1.1742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en los analizadores sint\u00e1cticos (a) OLE2 y (b) CHM para el Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante ficheros (1) .DOC o (2) .CAB manipulados, lo cual dispara un desbordamiento de b\u00fafer basado en pila."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nEset Software, NOD32 Antivirus, 1.1743",
"id": "CVE-2006-6676",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-21T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23459"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2079"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21682"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-6677
Vulnerability from fkie_nvd - Published: 2006-12-21 01:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | * | |
| eset_software | nod32_antivirus | 1.0.11 | |
| eset_software | nod32_antivirus | 1.0.12 | |
| eset_software | nod32_antivirus | 1.0.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC701F4-5BF7-4AC0-9E9D-970C45409F3F",
"versionEndIncluding": "1.1742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error."
},
{
"lang": "es",
"value": "El Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un fichero .CHM modificado que dispara un error de \"divisi\u00f3n por cero\"."
}
],
"id": "CVE-2006-6677",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-21T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23459"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2079"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21682"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/5095"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-0951
Vulnerability from fkie_nvd - Published: 2006-04-08 01:04 - Updated: 2025-04-03 01:03
Severity ?
Summary
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1997DD1E-C6D2-441D-B5C6-1FC9F1D8B04E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors."
}
],
"id": "CVE-2006-0951",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-08T01:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19054"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24394"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1242"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1649
Vulnerability from fkie_nvd - Published: 2006-04-06 10:04 - Updated: 2025-04-03 01:03
Severity ?
Summary
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | 1.0.11 | |
| eset_software | nod32_antivirus | 1.0.12 | |
| eset_software | nod32_antivirus | 1.0.13 | |
| eset_software | nod32_antivirus | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1997DD1E-C6D2-441D-B5C6-1FC9F1D8B04E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"restore to\" selection in the \"quarantine a file\" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions."
}
],
"evaluatorSolution": "ESET NOD32 Antivirus version 2.51.26 fixes this vulnerability. All versions of this product prior to 2.51.26 are vulnerable.",
"id": "CVE-2006-1649",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-06T10:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19054"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/672"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015867"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24393"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3212
Vulnerability from fkie_nvd - Published: 2005-10-14 10:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E090CB46-AD90-4925-94DC-2F37A8E8FF48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
],
"id": "CVE-2005-3212",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-10-14T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-2903
Vulnerability from fkie_nvd - Published: 2005-09-14 20:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eset_software | nod32_antivirus | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1997DD1E-C6D2-441D-B5C6-1FC9F1D8B04E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename."
}
],
"id": "CVE-2005-2903",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-09-14T20:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14773"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0937
Vulnerability from fkie_nvd - Published: 2005-02-09 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0937",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-3972 (GCVE-0-2007-3972)
Vulnerability from cvelistv5 – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2924"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37978"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2924"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37978"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2924"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"refsource": "OSVDB",
"url": "http://osvdb.org/37978"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3972",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3970 (GCVE-0-2007-3970)
Vulnerability from cvelistv5 – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"refsource": "OSVDB",
"url": "http://osvdb.org/37976"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3970",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3971 (GCVE-0-2007-3971)
Vulnerability from cvelistv5 – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37977"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37977"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2923",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"refsource": "OSVDB",
"url": "http://osvdb.org/37977"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3971",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2852 (GCVE-0-2007-2852)
Vulnerability from cvelistv5 – Published: 2007-05-24 19:00 – Updated: 2024-08-07 13:57
VLAI?
Summary
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt",
"refsource": "MISC",
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"refsource": "OSVDB",
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"name": "http://www.eset.com/support/news.php",
"refsource": "CONFIRM",
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2852",
"datePublished": "2007-05-24T19:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6676 (GCVE-0-2006-6676)
Vulnerability from cvelistv5 – Published: 2006-12-21 01:00 – Updated: 2024-08-07 20:33
VLAI?
Summary
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2079"
},
{
"name": "http://eset.com/support/updates.php?pageno=63",
"refsource": "CONFIRM",
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6676",
"datePublished": "2006-12-21T01:00:00",
"dateReserved": "2006-12-20T00:00:00",
"dateUpdated": "2024-08-07T20:33:59.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6677 (GCVE-0-2006-6677)
Vulnerability from cvelistv5 – Published: 2006-12-21 01:00 – Updated: 2024-08-07 20:34
VLAI?
Summary
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:34:00.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2079"
},
{
"name": "http://eset.com/support/updates.php?pageno=63",
"refsource": "CONFIRM",
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6677",
"datePublished": "2006-12-21T01:00:00",
"dateReserved": "2006-12-20T00:00:00",
"dateUpdated": "2024-08-07T20:34:00.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0951 (GCVE-0-2006-0951)
Vulnerability from cvelistv5 – Published: 2006-04-08 01:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24394",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "http://secunia.com/secunia_research/2006-17/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0951",
"datePublished": "2006-04-08T01:00:00",
"dateReserved": "2006-03-01T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1649 (GCVE-0-2006-1649)
Vulnerability from cvelistv5 – Published: 2006-04-06 10:00 – Updated: 2024-08-07 17:19
VLAI?
Summary
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:49.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \"restore to\" selection in the \"quarantine a file\" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"restore to\" selection in the \"quarantine a file\" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24393",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1649",
"datePublished": "2006-04-06T10:00:00",
"dateReserved": "2006-04-06T00:00:00",
"dateUpdated": "2024-08-07T17:19:49.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3212 (GCVE-0-2005-3212)
Vulnerability from cvelistv5 – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI?
Summary
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://shadock.net/secubox/AVCraftedArchive.html",
"refsource": "MISC",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3212",
"datePublished": "2005-10-14T04:00:00",
"dateReserved": "2005-10-14T00:00:00",
"dateUpdated": "2024-08-07T23:01:59.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2903 (GCVE-0-2005-2903)
Vulnerability from cvelistv5 – Published: 2005-09-14 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:29.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14773"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14773"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14773"
},
{
"name": "http://secunia.com/secunia_research/2005-40/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2903",
"datePublished": "2005-09-14T04:00:00",
"dateReserved": "2005-09-14T00:00:00",
"dateUpdated": "2024-08-07T22:53:29.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3972 (GCVE-0-2007-3972)
Vulnerability from nvd – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2924"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37978"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2924"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37978"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "2924",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2924"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37978",
"refsource": "OSVDB",
"url": "http://osvdb.org/37978"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt"
},
{
"name": "nod32-aspack-fsg-dos(35524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3972",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3970 (GCVE-0-2007-3970)
Vulnerability from nvd – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474244/100/0/threaded"
},
{
"name": "2922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2922"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37976",
"refsource": "OSVDB",
"url": "http://osvdb.org/37976"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.016]%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "nod32-cab-code-execution(35526)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35526"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3970",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3971 (GCVE-0-2007-3971)
Vulnerability from nvd – Published: 2007-07-25 17:00 – Updated: 2024-08-07 14:37
VLAI?
Summary
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37977"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2923",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37977"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2923",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2923"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.017 - NOD32 Antivirus ASPACK parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474245/100/0/threaded"
},
{
"name": "26124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26124"
},
{
"name": "nod32-aspack-dos(35525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35525"
},
{
"name": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26",
"refsource": "CONFIRM",
"url": "http://www.eset.com/joomla/index.php?option=com_content\u0026task=view\u0026id=3469\u0026Itemid=26"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf"
},
{
"name": "24988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24988"
},
{
"name": "37977",
"refsource": "OSVDB",
"url": "http://osvdb.org/37977"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.017]%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt"
},
{
"name": "1018436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018436"
},
{
"name": "ADV-2007-2602",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3971",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2852 (GCVE-0-2007-2852)
Vulnerability from nvd – Published: 2007-05-24 19:00 – Updated: 2024-08-07 13:57
VLAI?
Summary
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt",
"refsource": "MISC",
"url": "http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt"
},
{
"name": "36650",
"refsource": "OSVDB",
"url": "http://osvdb.org/36650"
},
{
"name": "20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469300/100/0/threaded"
},
{
"name": "24098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24098"
},
{
"name": "25375",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25375"
},
{
"name": "20070523 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469337/100/0/threaded"
},
{
"name": "nod32-directoryname-bo(34454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34454"
},
{
"name": "http://www.eset.com/support/news.php",
"refsource": "CONFIRM",
"url": "http://www.eset.com/support/news.php"
},
{
"name": "ADV-2007-1911",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1911"
},
{
"name": "2733",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2733"
},
{
"name": "20070524 Re: NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469468/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2852",
"datePublished": "2007-05-24T19:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6676 (GCVE-0-2006-6676)
Vulnerability from nvd – Published: 2006-12-21 01:00 – Updated: 2024-08-07 20:33
VLAI?
Summary
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061221 NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455045/100/0/threaded"
},
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2079"
},
{
"name": "http://eset.com/support/updates.php?pageno=63",
"refsource": "CONFIRM",
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6676",
"datePublished": "2006-12-21T01:00:00",
"dateReserved": "2006-12-20T00:00:00",
"dateUpdated": "2024-08-07T20:33:59.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6677 (GCVE-0-2006-6677)
Vulnerability from nvd – Published: 2006-12-21 01:00 – Updated: 2024-08-07 20:34
VLAI?
Summary
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:34:00.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2079"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061220 NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454949/100/0/threaded"
},
{
"name": "ADV-2006-5095",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5095"
},
{
"name": "2079",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2079"
},
{
"name": "http://eset.com/support/updates.php?pageno=63",
"refsource": "CONFIRM",
"url": "http://eset.com/support/updates.php?pageno=63"
},
{
"name": "23459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23459"
},
{
"name": "21682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6677",
"datePublished": "2006-12-21T01:00:00",
"dateReserved": "2006-12-20T00:00:00",
"dateUpdated": "2024-08-07T20:34:00.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0951 (GCVE-0-2006-0951)
Vulnerability from nvd – Published: 2006-04-08 01:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24394",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24394"
},
{
"name": "ADV-2006-1242",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "http://secunia.com/secunia_research/2006-17/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-17/advisory/"
},
{
"name": "19054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0951",
"datePublished": "2006-04-08T01:00:00",
"dateReserved": "2006-03-01T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1649 (GCVE-0-2006-1649)
Vulnerability from nvd – Published: 2006-04-06 10:00 – Updated: 2024-08-07 17:19
VLAI?
Summary
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:49.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \"restore to\" selection in the \"quarantine a file\" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"restore to\" selection in the \"quarantine a file\" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24393",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24393"
},
{
"name": "1015867",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015867"
},
{
"name": "17374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17374"
},
{
"name": "672",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/672"
},
{
"name": "nod32-restoreto-file-upload(25640)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25640"
},
{
"name": "ADV-2006-1242",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1242"
},
{
"name": "20060404 NOD32 local privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429892/100/0/threaded"
},
{
"name": "19054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1649",
"datePublished": "2006-04-06T10:00:00",
"dateReserved": "2006-04-06T00:00:00",
"dateUpdated": "2024-08-07T17:19:49.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3212 (GCVE-0-2005-3212)
Vulnerability from nvd – Published: 2005-10-14 04:00 – Updated: 2024-08-07 23:01
VLAI?
Summary
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://shadock.net/secubox/AVCraftedArchive.html",
"refsource": "MISC",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3212",
"datePublished": "2005-10-14T04:00:00",
"dateReserved": "2005-10-14T00:00:00",
"dateUpdated": "2024-08-07T23:01:59.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2903 (GCVE-0-2005-2903)
Vulnerability from nvd – Published: 2005-09-14 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:29.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14773"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14773"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14773"
},
{
"name": "http://secunia.com/secunia_research/2005-40/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-40/advisory/"
},
{
"name": "nod32-arj-archive-bo(22203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22203"
},
{
"name": "16604",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16604/"
},
{
"name": "20050908 Secunia Research: NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112621063025054\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2903",
"datePublished": "2005-09-14T04:00:00",
"dateReserved": "2005-09-14T00:00:00",
"dateUpdated": "2024-08-07T22:53:29.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}