Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities by bullguard
CVE-2019-20000 (GCVE-0-2019-20000)
Vulnerability from cvelistv5 – Published: 2019-12-26 04:07 – Updated: 2024-08-05 02:32
VLAI
Summary
The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/NtRaiseHardError/Antimalware-R… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:32:10.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T04:07:45.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md",
"refsource": "MISC",
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20000",
"datePublished": "2019-12-26T04:07:45.000Z",
"dateReserved": "2019-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:32:10.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-17061 (GCVE-0-2018-17061)
Vulnerability from cvelistv5 – Published: 2018-09-15 19:00 – Updated: 2024-08-05 10:39
VLAI
Summary
BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://medium.com/%40Mthirup/hacking-your-own-an… | x_refsource_MISC |
| https://www.bullguard.com/about/release-notes | x_refsource_CONFIRM |
Date Public
2018-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:39:59.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bullguard.com/about/release-notes"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-20T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bullguard.com/about/release-notes"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7",
"refsource": "MISC",
"url": "https://medium.com/@Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"name": "https://www.bullguard.com/about/release-notes",
"refsource": "CONFIRM",
"url": "https://www.bullguard.com/about/release-notes"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-17061",
"datePublished": "2018-09-15T19:00:00.000Z",
"dateReserved": "2018-09-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:39:59.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9642 (GCVE-0-2014-9642)
Vulnerability from cvelistv5 – Published: 2015-02-06 15:00 – Updated: 2024-08-06 13:47
VLAI
Summary
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.greyhathacker.net/?p=818 | x_refsource_MISC |
| http://www.osvdb.org/114478 | vdb-entryx_refsource_OSVDB |
| http://www.bullguard.com/about/release-notes.aspx | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/130247/BullG… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/35994 | exploitx_refsource_EXPLOIT-DB |
Date Public
2015-02-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-06T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/114478"
},
{
"name": "http://www.bullguard.com/about/release-notes.aspx",
"refsource": "CONFIRM",
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"name": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9642",
"datePublished": "2015-02-06T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5409 (GCVE-0-2008-5409)
Vulnerability from cvelistv5 – Published: 2008-12-09 11:00 – Updated: 2024-08-07 10:49
VLAI
Summary
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/32789 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/27805 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50205 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/7178 | exploitx_refsource_EXPLOIT-DB |
| http://osvdb.org/50103 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/32396 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/32814 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50010 | vdb-entryx_refsource_OSVDB |
| http://milw0rm.com/sploits/2008-BitDefenderDOS.zip | x_refsource_MISC |
Date Public
2008-11-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"refsource": "OSVDB",
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"refsource": "OSVDB",
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"refsource": "OSVDB",
"url": "http://osvdb.org/50010"
},
{
"name": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip",
"refsource": "MISC",
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5409",
"datePublished": "2008-12-09T11:00:00.000Z",
"dateReserved": "2008-12-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:49:12.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-20000 (GCVE-0-2019-20000)
Vulnerability from nvd – Published: 2019-12-26 04:07 – Updated: 2024-08-05 02:32
VLAI
Summary
The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/NtRaiseHardError/Antimalware-R… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:32:10.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T04:07:45.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md",
"refsource": "MISC",
"url": "https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20000",
"datePublished": "2019-12-26T04:07:45.000Z",
"dateReserved": "2019-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:32:10.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-17061 (GCVE-0-2018-17061)
Vulnerability from nvd – Published: 2018-09-15 19:00 – Updated: 2024-08-05 10:39
VLAI
Summary
BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://medium.com/%40Mthirup/hacking-your-own-an… | x_refsource_MISC |
| https://www.bullguard.com/about/release-notes | x_refsource_CONFIRM |
Date Public
2018-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:39:59.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bullguard.com/about/release-notes"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-20T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bullguard.com/about/release-notes"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7",
"refsource": "MISC",
"url": "https://medium.com/@Mthirup/hacking-your-own-antivirus-for-fun-and-profit-safe-browsing-gone-wrong-365db9d1d3f7"
},
{
"name": "https://www.bullguard.com/about/release-notes",
"refsource": "CONFIRM",
"url": "https://www.bullguard.com/about/release-notes"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-17061",
"datePublished": "2018-09-15T19:00:00.000Z",
"dateReserved": "2018-09-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:39:59.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9642 (GCVE-0-2014-9642)
Vulnerability from nvd – Published: 2015-02-06 15:00 – Updated: 2024-08-06 13:47
VLAI
Summary
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.greyhathacker.net/?p=818 | x_refsource_MISC |
| http://www.osvdb.org/114478 | vdb-entryx_refsource_OSVDB |
| http://www.bullguard.com/about/release-notes.aspx | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/130247/BullG… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/35994 | exploitx_refsource_EXPLOIT-DB |
Date Public
2015-02-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-06T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/114478"
},
{
"name": "http://www.bullguard.com/about/release-notes.aspx",
"refsource": "CONFIRM",
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"name": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9642",
"datePublished": "2015-02-06T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5409 (GCVE-0-2008-5409)
Vulnerability from nvd – Published: 2008-12-09 11:00 – Updated: 2024-08-07 10:49
VLAI
Summary
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/32789 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/27805 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50205 | vdb-entryx_refsource_OSVDB |
| https://www.exploit-db.com/exploits/7178 | exploitx_refsource_EXPLOIT-DB |
| http://osvdb.org/50103 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/32396 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/32814 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/50010 | vdb-entryx_refsource_OSVDB |
| http://milw0rm.com/sploits/2008-BitDefenderDOS.zip | x_refsource_MISC |
Date Public
2008-11-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"refsource": "OSVDB",
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"refsource": "OSVDB",
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"refsource": "OSVDB",
"url": "http://osvdb.org/50010"
},
{
"name": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip",
"refsource": "MISC",
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5409",
"datePublished": "2008-12-09T11:00:00.000Z",
"dateReserved": "2008-12-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:49:12.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}