CVSS: 6.2EPSS: 91%CPEs: 35EXPL: 0CVE-2012-1459
https://notcve.org/view.php?id=CVE-2012-1459
21 Mar 2012 — The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, ... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 82%CPEs: 20EXPL: 0CVE-2012-1461
https://notcve.org/view.php?id=CVE-2012-1461
21 Mar 2012 — The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos A... • http://osvdb.org/80500 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 1%CPEs: 12EXPL: 0CVE-2012-1463
https://notcve.org/view.php?id=CVE-2012-1463
21 Mar 2012 — The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be... • http://osvdb.org/80426 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2008-6661 – Gentoo Linux Security Advisory 201412-08
https://notcve.org/view.php?id=CVE-2008-6661
07 Apr 2009 — Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file. Múltiples desbordamientos de entero en el motor de análisis de Bitdefender para Linux v7.600825 y anteriores, permiten a atacantes remotos provocar una denegación de servicio (caída) o puede que ejecutar código de su elección a a través de unos ficheros malfor... • http://marc.info/?l=bugtraq&m=122893066212987&w=2 • CWE-189: Numeric Errors •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0850
https://notcve.org/view.php?id=CVE-2009-0850
09 Mar 2009 — Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, as demonstrated by a filename inside a (1) rar or (2) zip archive file. Una vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en BitDefender Internet Security 2009 permite a atacantes remotos, con la ayuda de usuarios locales, inyectar HTML o scripts web arbitrarios a través del nombre de ... • http://secunia.com/advisories/34082 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 24%CPEs: 4EXPL: 2CVE-2008-5409 – BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-5409
09 Dec 2008 — Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information. Vulnerabilida... • https://www.exploit-db.com/exploits/7178 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1735
https://notcve.org/view.php?id=CVE-2008-1735
29 Apr 2008 — BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. BitDefender Antivirus 2008 18-01-2008 y anteriores permite a usuarios locales provocar una denegación de servicio (caída del sistema) mediante un puntero no válido a la estructura CLIENT_ID en una llamada a la función NtOpenProcess hooked System Service Descriptor... • http://kb.bitdefender.com/KB419-en--Security-vulnerability-in-BitDefender-2008.html •
CVSS: 7.8EPSS: 7%CPEs: 1EXPL: 3CVE-2008-0396 – BitDefender Products - Update Server HTTP Daemon Directory Traversal
https://notcve.org/view.php?id=CVE-2008-0396
23 Jan 2008 — Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. Vulnerabilidad de salto de directorio en BitDefender Update Server (http.exe), tal y como se utiliza en los productos BitDefender incluyendo Security for Fileservers and Enterprise Manager (BDEM), permite a atacantes remotos leer archivos de su... • https://www.exploit-db.com/exploits/31039 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 13%CPEs: 1EXPL: 1CVE-2007-6189 – BitDefender Online Scanner 8 - ActiveX Heap Overflow
https://notcve.org/view.php?id=CVE-2007-6189
30 Nov 2007 — A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow. Cierto control ActiveX en (1) OScan8.ocx y (2) Oscan81.ocx en BitDefender Online Anti-Virus Scanner 8.0 permite a atacantes remotos ejecutar cód... • https://www.exploit-db.com/exploits/4663 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 1CVE-2007-5775 – BitDefender Online Scanner 8 - ActiveX Heap Overflow
https://notcve.org/view.php?id=CVE-2007-5775
01 Nov 2007 — Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en BitDefender ejecutar código de su elección a través de vectores no especificados, también conocida como EEYEB-20071024. NOTA: a fecha de 29... • https://www.exploit-db.com/exploits/4663 • CWE-94: Improper Control of Generation of Code ('Code Injection') •