Page 14 of 71 results (0.010 seconds)

CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 1

aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests. aavmker4.sys en avast! Home y Professional 4.7 para Windows, no valida de forma correcta la entrada a IOCTL 0xb2d60030, esto permite a usuarios locales obtener privilegios a través de cierta solicitud IOCTL. Avast! version 4.7 aavmker4.sys local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/12406 http://secunia.com/advisories/29605 http://www.avast.com/eng/avast-4-home_pro-revision-history.html http://www.securityfocus.com/archive/1/490321/100/0/threaded http://www.securityfocus.com/bid/28502 http://www.securitytracker.com/id?1019732 http://www.trapkit.de/advisories/TKADV2008-002.txt http://www.vupen.com/english/advisories/2008/1034/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41527 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 1%CPEs: 19EXPL: 1

Unspecified vulnerability in avast! 4 Home and Professional Editions before 4.7.1098 allows remote attackers to have an unknown impact via a crafted TAR archive. Vulnerabilidad no especificada en avast! 4, ediciones Home y Professional, en versiones anteriores a la 4.7.1098. Permite que atacantes remotos provoquen un impacto desconocido usando un archivo TAR manipulado. • http://secunia.com/advisories/27929 http://www.avast.com/eng/avast-4-home_pro-revision-history.html http://www.securityfocus.com/bid/26702 http://www.vupen.com/english/advisories/2007/4097 https://exchange.xforce.ibmcloud.com/vulnerabilities/38877 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 33%CPEs: 2EXPL: 0

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around." Un desbordamiento de búfer en la región heap de la memoria en el desempaquetador SIS en Anti-Virus Managed Client de avast! anterior a versión 4.7.700, permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo SIS creado, como resultado de un "integer cast around." • http://marc.info/?l=full-disclosure&m=118007660813710&w=2 http://osvdb.org/36522 http://www.avast.com/eng/adnm-management-client-revision-history.html http://www.kb.cert.org/vuls/id/125868 http://www.nruns.com/advisories/%5Bn.runs-SA-2007.009%5D%20-%20Avast%21%20Antivirus%20SIS%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt http://www.securityfocus.com/archive/1/469585/100/0/threaded http://www.securityfocus.com/bid/24155 http://www.vupen.com/english/advisories/2007& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 17%CPEs: 2EXPL: 0

Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around". Desbordamiento de búfer basado en montículo en el desempaquetador CAB del avast! Anti-Virus Managed Client anterior al 4.7.700 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un archivo CAB modificado, resultado de un "redondeo de conversión a entero" • http://marc.info/?l=full-disclosure&m=118000321419384&w=2 http://osvdb.org/36523 http://secunia.com/advisories/25380 http://www.avast.com/eng/adnm-management-client-revision-history.html http://www.securityfocus.com/archive/1/469469/100/0/threaded http://www.securityfocus.com/bid/24132 http://www.securitytracker.com/id?1018108 http://www.vupen.com/english/advisories/2007/1935 https://exchange.xforce.ibmcloud.com/vulnerabilities/34477 •

CVSS: 7.8EPSS: 7%CPEs: 59EXPL: 1

unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 http://secunia.com/advisories/25315 http://securityreason.com/securityalert/2680 http://www.amavis.org/security/asa-2007-2.txt http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 • CWE-399: Resource Management Errors •