FKIE_CVE-2005-3922

Vulnerability from fkie_nvd - Published: 2005-11-30 11:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
References
cve@mitre.orghttp://secunia.com/advisories/17765
cve@mitre.orghttp://securityreason.com/securityalert/216
cve@mitre.orghttp://securitytracker.com/id?1015295
cve@mitre.orghttp://www.osvdb.org/21256
cve@mitre.orghttp://www.rem0te.com/public/images/panda.pdfVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/418096/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15616
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2666
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23276
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17765
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/216
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015295
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21256
af854a3a-2127-422b-91ae-364da2661108http://www.rem0te.com/public/images/panda.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/418096/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15616
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2666
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23276
Impacted products
Vendor Product Version
panda panda_activescan 5.0
panda panda_antivirus 2.0
panda panda_antivirus_platinum 2.0
panda panda_businessecure_antivirus *
panda panda_clientshield_with_truprevent_technologies *
panda panda_enterprisecure_with_truprevent_technologies *
panda panda_exchangesecure *
panda panda_filesecure *
panda panda_filesecure_with_truprevent_technologies *
panda panda_gatedefender *
panda panda_isa_secure *
panda panda_panda_enterprisecure_antivirus *
panda panda_platinum_2006_internet_security *
panda panda_security 3.0
panda panda_titanium *
panda panda_titanium_2005_antivirus *
panda panda_titanium_2006_antivirus_\+_antispyware *
panda panda_truprevent_personal 2005
panda panda_truprevent_personal 2006
panda panda_webadmin *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:panda:panda_activescan:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC104885-D18F-49FC-B625-5AF87037BEF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_antivirus:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C870F9D-2A8E-4BF1-8D61-8583B62325DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_antivirus_platinum:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1F7F47-F04D-4D03-9CC3-1F9DE477BD58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_businessecure_antivirus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4BFA06-88E1-4450-92D9-37A537406998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_clientshield_with_truprevent_technologies:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B46BEE-D9C3-4A3E-8830-B3029D80393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_enterprisecure_with_truprevent_technologies:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9FFCEF-E7E9-4601-ADEA-743FDEAD396C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_exchangesecure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CA579-31B9-4E21-A12E-11386D9BF328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_filesecure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A78D31-6E6C-447C-AA30-1D3FF2E29E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_filesecure_with_truprevent_technologies:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F9A038-E995-4D69-8713-DCFBB04C9A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_gatedefender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1508CC87-5D6C-40E5-852E-AFA2720CA33C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_isa_secure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "556A2E21-0F3B-474D-82F8-E40F546B913A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_panda_enterprisecure_antivirus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E2EBC7A-E002-4312-B440-04BCA704FD3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_platinum_2006_internet_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18154EE6-3BFF-498C-9A6A-77BE75280CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C5DC7E-F0EA-4C33-BF61-7698FD12F69A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_titanium:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8464DAC4-A199-4D56-A719-8552156E67F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_titanium_2005_antivirus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA232ECD-5983-4A7C-AE29-2FF43A8531A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_titanium_2006_antivirus_\\+_antispyware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1CBEFF-9EDD-476E-86BE-7EBFAFA86DF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_truprevent_personal:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "C201C1B9-40CE-4D32-826D-5A44378F4C80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_truprevent_personal:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ABC3E00-E5B7-47BE-87F4-55B004083215",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_webadmin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7366EC43-D75C-468F-8E46-C65AC771183B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
    }
  ],
  "id": "CVE-2005-3922",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-30T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17765"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/216"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015295"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/21256"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rem0te.com/public/images/panda.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15616"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2666"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/21256"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.rem0te.com/public/images/panda.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.