Vulnerabilites related to panda - panda_antivirus
cve-2007-3969
Vulnerability from cvelistv5
Published
2007-07-25 17:00
Modified
2024-08-07 14:37
Severity ?
EPSS score ?
Summary
Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf | x_refsource_MISC | |
| http://securityreason.com/securityalert/2920 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/24989 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/26171 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1018437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/474247/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "2920",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2920"
},
{
"name": "24989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24989"
},
{
"name": "26171",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26171"
},
{
"name": "1018437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018437"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an \"Integer Cast Around.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "2920",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2920"
},
{
"name": "24989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24989"
},
{
"name": "26171",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26171"
},
{
"name": "1018437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018437"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an \"Integer Cast Around.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"name": "2920",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2920"
},
{
"name": "24989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24989"
},
{
"name": "26171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26171"
},
{
"name": "1018437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018437"
},
{
"name": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt",
"refsource": "MISC",
"url": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"name": "20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3969",
"datePublished": "2007-07-25T17:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1673
Vulnerability from cvelistv5
Published
2007-05-09 01:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.amavis.org/security/asa-2007-2.txt | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/36208 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/23823 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25315 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/467646/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/2680 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2680"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.amavis.org/security/asa-2007-2.txt",
"refsource": "CONFIRM",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "36208",
"refsource": "OSVDB",
"url": "http://osvdb.org/36208"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "25315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25315"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2680"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1673",
"datePublished": "2007-05-09T01:00:00",
"dateReserved": "2007-03-24T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4191
Vulnerability from cvelistv5
Published
2007-08-08 01:11
Modified
2024-08-07 14:46
Severity ?
EPSS score ?
Summary
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/480022/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/26336 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/480443/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1018722 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/25186 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/475373/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://tiifp.org/tarkus/advisories/panda030707.txt | x_refsource_MISC | |
| http://securityreason.com/securityalert/2968 | third-party-advisory, x_refsource_SREASON | |
| http://www.pandasecurity.com/homeusers/support/card?id=41111&idIdioma=2&ref=PAV08Dev | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/2784 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070919 RE: Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480022/100/100/threaded"
},
{
"name": "26336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26336"
},
{
"name": "20070924 RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480443/100/100/threaded"
},
{
"name": "1018722",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018722"
},
{
"name": "25186",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25186"
},
{
"name": "20070802 Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475373/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tiifp.org/tarkus/advisories/panda030707.txt"
},
{
"name": "2968",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2968"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev"
},
{
"name": "ADV-2007-2784",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2784"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Panda Antivirus 2008 stores service executables under the product\u0027s installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070919 RE: Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480022/100/100/threaded"
},
{
"name": "26336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26336"
},
{
"name": "20070924 RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480443/100/100/threaded"
},
{
"name": "1018722",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018722"
},
{
"name": "25186",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25186"
},
{
"name": "20070802 Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475373/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tiifp.org/tarkus/advisories/panda030707.txt"
},
{
"name": "2968",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2968"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev"
},
{
"name": "ADV-2007-2784",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2784"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Panda Antivirus 2008 stores service executables under the product\u0027s installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070919 RE: Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480022/100/100/threaded"
},
{
"name": "26336",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26336"
},
{
"name": "20070924 RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480443/100/100/threaded"
},
{
"name": "1018722",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018722"
},
{
"name": "25186",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25186"
},
{
"name": "20070802 Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475373/100/0/threaded"
},
{
"name": "https://tiifp.org/tarkus/advisories/panda030707.txt",
"refsource": "MISC",
"url": "https://tiifp.org/tarkus/advisories/panda030707.txt"
},
{
"name": "2968",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2968"
},
{
"name": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev",
"refsource": "CONFIRM",
"url": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev"
},
{
"name": "ADV-2007-2784",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2784"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4191",
"datePublished": "2007-08-08T01:11:00",
"dateReserved": "2007-08-07T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3922
Vulnerability from cvelistv5
Published
2005-11-30 11:00
Modified
2024-08-07 23:31
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.rem0te.com/public/images/panda.pdf | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2005/2666 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/15616 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17765 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/23276 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/418096/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/216 | third-party-advisory, x_refsource_SREASON | |
| http://securitytracker.com/id?1015295 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/21256 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:48.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rem0te.com/public/images/panda.pdf",
"refsource": "MISC",
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3922",
"datePublished": "2005-11-30T11:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T23:31:48.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1670
Vulnerability from cvelistv5
Published
2007-05-09 00:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/25152 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/23823 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/1700 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/467646/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/35845 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"refsource": "OSVDB",
"url": "http://osvdb.org/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1670",
"datePublished": "2007-05-09T00:00:00",
"dateReserved": "2007-03-24T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0541
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4707 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1359 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "panda-antivirus-remote-admin(4707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707"
},
{
"name": "20000617 Infosec.20000617.panda.a",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html"
},
{
"name": "1359",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "panda-antivirus-remote-admin(4707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707"
},
{
"name": "20000617 Infosec.20000617.panda.a",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html"
},
{
"name": "1359",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "panda-antivirus-remote-admin(4707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707"
},
{
"name": "20000617 Infosec.20000617.panda.a",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html"
},
{
"name": "1359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0541",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-05-09 00:19
Modified
2024-11-21 00:28
Severity ?
Summary
Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| panda | panda_activescan | 5.0 | |
| panda | panda_activescan | 5.53.00 | |
| panda | panda_activescan | 5.54.1 | |
| panda | panda_antivirus | 2.0 | |
| panda | panda_antivirus | 2.0 | |
| panda | panda_platinum_2006_internet_security | * | |
| panda | panda_platinum_2007_internet_security | * | |
| panda | panda_titanium_2005_antivirus | * | |
| panda | panda_titanium_2006_antivirus_\+_antispyware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_activescan:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC104885-D18F-49FC-B625-5AF87037BEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_activescan:5.53.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E446FF61-F6DA-4AC7-8623-8731A6EFE323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_activescan:5.54.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3D6D08-B0AD-4787-91E5-BD05736B1FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2.0:*:netware:*:*:*:*:*",
"matchCriteriaId": "60F7F210-A968-4B87-A170-0E18DBC72F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2.0:*:platinum:*:*:*:*:*",
"matchCriteriaId": "B0D87E60-D09D-4A46-9536-BB7354B543EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_platinum_2006_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18154EE6-3BFF-498C-9A6A-77BE75280CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_platinum_2007_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A03C13-5A45-4D92-A257-028E7BD1A9C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_titanium_2005_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA232ECD-5983-4A7C-AE29-2FF43A8531A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_titanium_2006_antivirus_\\+_antispyware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1CBEFF-9EDD-476E-86BE-7EBFAFA86DF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
},
{
"lang": "es",
"value": "Panda Software Antivirus versiones anteriores a 20070402 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entradas de directorio que apuntan a un fichero previo."
}
],
"id": "CVE-2007-1670",
"lastModified": "2024-11-21T00:28:53.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35845"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25152"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-08 01:17
Modified
2024-11-21 00:35
Severity ?
Summary
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| panda | panda_antivirus | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "A12B6714-7FD7-4EF7-A506-80D3C53DC2FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Panda Antivirus 2008 stores service executables under the product\u0027s installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657."
},
{
"lang": "es",
"value": "Panda Antivirus 2008 almacena ejecutables de servicio bajo el directorio de instalaci\u00f3n del producto con permisos d\u00e9biles, lo cual permite a usuarios locales obtener privilegios LocalSystem modificando PAVSRV51.EXE u otros ficheros no especificados, un asunto similar a CVE-2006-4657."
}
],
"id": "CVE-2007-4191",
"lastModified": "2024-11-21T00:35:00.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-08T01:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26336"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2968"
},
{
"source": "cve@mitre.org",
"url": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/475373/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480022/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480443/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25186"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018722"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2784"
},
{
"source": "cve@mitre.org",
"url": "https://tiifp.org/tarkus/advisories/panda030707.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pandasecurity.com/homeusers/support/card?id=41111\u0026idIdioma=2\u0026ref=PAV08Dev"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/475373/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480022/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480443/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://tiifp.org/tarkus/advisories/panda030707.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-30 11:03
Modified
2024-11-21 00:03
Severity ?
Summary
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_activescan:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC104885-D18F-49FC-B625-5AF87037BEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C870F9D-2A8E-4BF1-8D61-8583B62325DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus_platinum:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1F7F47-F04D-4D03-9CC3-1F9DE477BD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_businessecure_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4BFA06-88E1-4450-92D9-37A537406998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_clientshield_with_truprevent_technologies:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03B46BEE-D9C3-4A3E-8830-B3029D80393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_enterprisecure_with_truprevent_technologies:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9FFCEF-E7E9-4601-ADEA-743FDEAD396C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_exchangesecure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CA579-31B9-4E21-A12E-11386D9BF328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_filesecure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66A78D31-6E6C-447C-AA30-1D3FF2E29E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_filesecure_with_truprevent_technologies:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F9A038-E995-4D69-8713-DCFBB04C9A20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_gatedefender:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1508CC87-5D6C-40E5-852E-AFA2720CA33C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_isa_secure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "556A2E21-0F3B-474D-82F8-E40F546B913A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_panda_enterprisecure_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2EBC7A-E002-4312-B440-04BCA704FD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_platinum_2006_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18154EE6-3BFF-498C-9A6A-77BE75280CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03C5DC7E-F0EA-4C33-BF61-7698FD12F69A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_titanium:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8464DAC4-A199-4D56-A719-8552156E67F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_titanium_2005_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA232ECD-5983-4A7C-AE29-2FF43A8531A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_titanium_2006_antivirus_\\+_antispyware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1CBEFF-9EDD-476E-86BE-7EBFAFA86DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_truprevent_personal:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "C201C1B9-40CE-4D32-826D-5A44378F4C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_truprevent_personal:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABC3E00-E5B7-47BE-87F4-55B004083215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_webadmin:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7366EC43-D75C-468F-8E46-C65AC771183B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
],
"id": "CVE-2005-3922",
"lastModified": "2024-11-21T00:03:04.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-30T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17765"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/216"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015295"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/21256"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15616"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/21256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-06-17 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1359 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/4707 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1359 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/4707 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| panda | panda_antivirus | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2.0:*:netware:*:*:*:*:*",
"matchCriteriaId": "60F7F210-A968-4B87-A170-0E18DBC72F4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command."
}
],
"id": "CVE-2000-0541",
"lastModified": "2024-11-20T23:32:44.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-06-17T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1359"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-25 17:30
Modified
2024-11-21 00:34
Severity ?
Summary
Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| panda | panda_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CE82DE-CAC5-4BD7-BA34-BE88AD4BDD36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an \"Integer Cast Around.\""
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el Antivirus Panda anterior al 20070720 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero EXE modificado, resultado de un \"Integer Cast Around\"."
}
],
"id": "CVE-2007-3969",
"lastModified": "2024-11-21T00:34:29.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-25T17:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26171"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2920"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24989"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018437"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-09 01:19
Modified
2024-11-21 00:28
Severity ?
Summary
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF6FAE-B025-4F70-9F52-C7C12C6F705D",
"versionEndIncluding": "2.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC3BF13-2946-411E-93A5-0C3AF0508C60",
"versionEndIncluding": "4.7.980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.6.394:*:*:*:*:*:*:*",
"matchCriteriaId": "8683D747-C092-4841-AABF-280D7EB771F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.7.652:*:*:*:*:*:*:*",
"matchCriteriaId": "D393356E-0464-41B6-9D56-2DCFC6900244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus:4.7.700:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED7C89E-E28B-4BE9-952D-86A8D089B41D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1519A450-8F71-408A-81B8-AA6F337E7A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "48872452-2B26-44C4-A9FF-0D9D23AAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.652:*:*:*:*:*:*:*",
"matchCriteriaId": "275D7948-61FB-4415-A9EB-59EEF9757149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.655:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCC4081-D877-4DE3-9342-59BCE7C41CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.665:*:*:*:*:*:*:*",
"matchCriteriaId": "B189DFCB-2307-43B4-8102-BA725CEE0711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.6.691:*:*:*:*:*:*:*",
"matchCriteriaId": "3C733E69-33B3-465B-B146-A68C26373E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF16A3D-BC29-4426-BDF5-F1C6E85228B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*",
"matchCriteriaId": "33A71A2C-36AC-4F36-9D94-AA824F4DE14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:*:*:*:*:*:*",
"matchCriteriaId": "E02983BB-F027-4967-A230-933299D2D061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*",
"matchCriteriaId": "62618C12-3EAC-4434-B2A8-D83612F1A05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:*:*:*:*:*:*",
"matchCriteriaId": "238FB2B1-41CF-46DB-8ED7-7F2B6609C27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*",
"matchCriteriaId": "B949535B-9771-4AC6-BBDB-8BB3A789A1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:*:*:*:*:*:*",
"matchCriteriaId": "97FEA351-FFF6-4452-9A2B-A7AAF4D7EE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*",
"matchCriteriaId": "DC6DA89A-BF71-4031-9B51-E5941FDE5E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "18837F1C-8ECD-4202-9489-08D63FB28CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*",
"matchCriteriaId": "DB201D49-EB74-4A5D-B641-86C4429E3EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "231DDF5E-5026-4844-8374-45F0926F8C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8822D55C-FEE7-41B5-A8D5-8D9F514CF815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.603:*:*:*:*:*:*:*",
"matchCriteriaId": "B89C0CA4-00DE-4CAD-B554-36C46815A919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.652:*:*:*:*:*:*:*",
"matchCriteriaId": "A618B922-80E7-4769-90BA-5FE231DA6B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.665:*:*:*:*:*:*:*",
"matchCriteriaId": "40F19B83-BAD9-4CDC-95C5-6D352F223AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.6.691:*:*:*:*:*:*:*",
"matchCriteriaId": "762B6C23-5ADD-4221-8146-DF9CE95637BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3B1651-DC3E-43B8-A5A4-8BEF7D668EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:windows:*:*:*:*:*",
"matchCriteriaId": "DF2D8C10-01E4-43D7-93EE-342BA7E9C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0980CA-26A4-468E-82F3-E03953250343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:windows:*:*:*:*:*",
"matchCriteriaId": "AAB7888A-E884-4C73-AF10-698C56E080F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.869:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5B2325-D8EE-4D1E-8291-740726FC1EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0EF168-1F0D-4772-8922-0A75CAF28661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:windows:*:*:*:*:*",
"matchCriteriaId": "1F7F2957-4422-4891-B573-F68882D7C8E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1098:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAED694-2497-488B-A2AB-0781501678F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD00670-7EC0-4AA4-98EF-C8AE38330284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:6.35.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C23C179C-B50E-4F47-BFFA-85848131C99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.04.00.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5C813AD8-5D73-41DF-B710-3CEB20FB9EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B38A75AF-D8B4-4B54-87E9-6EED562CAAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:classic:*:*:*:*:*",
"matchCriteriaId": "5DB520B5-36E8-4F4B-99FF-0FF3F708CC8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:premium:*:*:*:*:*",
"matchCriteriaId": "BECD1C6B-EC0F-4203-BA12-F8B02472FF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD267D52-D580-4460-AFF9-E5BA478A98FA",
"versionEndIncluding": "7.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:7:*:*:*:*:*:*:*",
"matchCriteriaId": "64D94528-A54F-439B-8584-57A82CDF7318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir_personal:7:*:classic:*:*:*:*:*",
"matchCriteriaId": "DB66A5A4-6758-438D-9155-7475A5406DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F9AF4F-E974-4D6F-AF51-0DA7A59E64FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DBEED1-0648-45F3-AFC2-91C872A1B098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:picozip:picozip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD36471-D8DC-4B11-B53B-264AB1560063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rahul_dhesi:zoo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79845C9F-7884-4F77-B492-4A944D3DCCEA",
"versionEndIncluding": "2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:unzoo:unzoo:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B93C2E82-03E5-42CE-A589-B82FBCBE7D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winace:winace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7B6EE8-25D5-4C89-A0B8-A069D330A9D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D03D666-D234-4626-82F9-EC5726BE1920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_100:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BEEFB2-C6ED-43D5-B535-623931C38890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_200:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ECF7F8-A29F-4868-9DE5-4227E5DA2285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_300:*:*:*:*:*:*:*",
"matchCriteriaId": "6A897043-9003-4F27-8C7D-AE6B2BD0389C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_400:*:*:*:*:*:*:*",
"matchCriteriaId": "1F05FEF8-6B34-4874-AD6B-A053415BD939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_500:*:*:*:*:*:*:*",
"matchCriteriaId": "D28FAD61-3723-4CCC-B890-C5869E7AC3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_600:*:*:*:*:*:*:*",
"matchCriteriaId": "7697AAC2-EC8A-496E-9336-29AAE61CD69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_800:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA47F3A-44BA-4011-8A44-1AE54D02E772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_900:*:*:*:*:*:*:*",
"matchCriteriaId": "423620AD-EA6A-4730-B97A-DF67247372BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
},
{
"lang": "es",
"value": "El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versi\u00f3n 2.4.1 y anteriores, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior."
}
],
"evaluatorSolution": "http://xforce.iss.net/xforce/xfdb/34080\r\n\r\n\r\nFor Barracuda Spam Firewall:\r\nUpgrade to the latest virus definition version of Barracuda Spam Firewall (virusdef 2.0.6399 for 3.4 and after or virusdef 2.0.6399o for prior to 3.4), available from the automatic update.\r\n\r\nFor Panda Software Antivirus:\r\nUpgrade to the latest version of Panda Software Antivirus (4/2/2007 or later), available from the automatic update feature.\r\n\r\nFor avast! antivirus:\r\nUpgrade to the latest version of Panda Software Antivirus (4.7.981 or later), available from the avast! antivirus Web site. See references.\r\n\r\nFor Avira AntiVir:\r\nUpgrade to the latest version of Avira AntiVir (avpack32.dll version 7.3.0.6 or later), available from the automatic update feature.\r\n\r\nFor AMaViS:\r\nRefer to ASA-2007-2 for patch, upgrade, or suggested workaround information. See References.",
"id": "CVE-2007-1673",
"lastModified": "2024-11-21T00:28:54.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36208"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25315"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "cve@mitre.org",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.amavis.org/security/asa-2007-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}