CVE-2007-2852
https://notcve.org/view.php?id=CVE-2007-2852
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name. Múltiples desbordamientos de búfer basados en pila en el Antivirus ESET NOD32 para versiones anteriores a la 2.70.37.0 permiten a atacantes remotos ejecutar código de su elección durante (1) el borrado/desinfección o (2) las operaciones de renombrado a través de un nombre de directorio modificado. • http://osvdb.org/36650 http://secunia.com/advisories/25375 http://securityreason.com/securityalert/2733 http://www.eset.com/support/news.php http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt http://www.securityfocus.com/archive/1/469300/100/0/threaded http://www.securityfocus.com/archive/1/469337/100/0/threaded http://www.securityfocus.com/archive/1/469468/100/0/threaded http://www.securityfocus.com/bid/24098 http://www.vupen.com/english/advisories/200 •
CVE-2006-6676
https://notcve.org/view.php?id=CVE-2006-6676
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow. Desbordamiento de entero en los analizadores sintácticos (a) OLE2 y (b) CHM para el Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos ejecutar código de su elección mediante ficheros (1) .DOC o (2) .CAB manipulados, lo cual dispara un desbordamiento de búfer basado en pila. • http://eset.com/support/updates.php?pageno=63 http://secunia.com/advisories/23459 http://securityreason.com/securityalert/2079 http://www.securityfocus.com/archive/1/454949/100/0/threaded http://www.securityfocus.com/archive/1/455045/100/0/threaded http://www.securityfocus.com/bid/21682 http://www.vupen.com/english/advisories/2006/5095 • CWE-189: Numeric Errors •
CVE-2006-6677
https://notcve.org/view.php?id=CVE-2006-6677
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error. El Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un fichero .CHM modificado que dispara un error de "división por cero". • http://eset.com/support/updates.php?pageno=63 http://secunia.com/advisories/23459 http://securityreason.com/securityalert/2079 http://www.securityfocus.com/archive/1/454949/100/0/threaded http://www.securityfocus.com/bid/21682 http://www.vupen.com/english/advisories/2006/5095 •
CVE-2006-0951
https://notcve.org/view.php?id=CVE-2006-0951
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. • http://secunia.com/advisories/19054 http://secunia.com/secunia_research/2006-17/advisory http://www.osvdb.org/24394 http://www.vupen.com/english/advisories/2006/1242 •
CVE-2006-1649
https://notcve.org/view.php?id=CVE-2006-1649
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. • http://secunia.com/advisories/19054 http://securityreason.com/securityalert/672 http://securitytracker.com/id?1015867 http://www.osvdb.org/24393 http://www.securityfocus.com/archive/1/429892/100/0/threaded http://www.securityfocus.com/bid/17374 http://www.vupen.com/english/advisories/2006/1242 https://exchange.xforce.ibmcloud.com/vulnerabilities/25640 •