CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5522
https://notcve.org/view.php?id=CVE-2008-5522
AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. AVG Anti-Virus v8.0.0.161, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML colocando una cabecera MZ (alias "EXE info") al principio, y modificar el nombre del archivo a (1 ) sin extensión, (2) una extensión. txt, o (3) una extensión .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745. • http://securityreason.com/securityalert/4723 http://www.securityfocus.com/archive/1/498995/100/0/threaded http://www.securityfocus.com/archive/1/499043/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5543
https://notcve.org/view.php?id=CVE-2008-5543
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Symantec AntiVirus (SAV) 10, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML colocando una cabecera MZ (alias "EXE info") al principio, y modificar el nombre del archivo a (1 ) sin extensión, (2) una extensión. txt, o (3) una extensión .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745. • http://securityreason.com/securityalert/4723 http://www.securityfocus.com/archive/1/498995/100/0/threaded http://www.securityfocus.com/archive/1/499043/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 20%CPEs: 4EXPL: 2CVE-2008-5409 – BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-5409
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information. Vulnerabilidad sin especificar en el módulo pdf.xmd en (1) BitDefender Free Edition 10 y Antivirus Standard 10, (2) BullGuard Internet Security v8.5, y (3) Software602 Groupware Server v6.0.08.1118, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un archivo PDF manipulado, seguramente relacionado con la inclusión de flujos comprimidos que son procesados con el filtro ASCIIHexDecode. NOTA: algunos de éstos detalles han sido obtenidos a partir de terceros. • https://www.exploit-db.com/exploits/7178 http://milw0rm.com/sploits/2008-BitDefenderDOS.zip http://osvdb.org/50010 http://osvdb.org/50103 http://osvdb.org/50205 http://secunia.com/advisories/27805 http://secunia.com/advisories/32789 http://secunia.com/advisories/32814 http://www.securityfocus.com/bid/32396 https://exchange.xforce.ibmcloud.com/vulnerabilities/46750 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 56EXPL: 2CVE-2007-1793 – Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1793
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la función SSDT enlazada, lo que permite a los usuarios locales causar una denegación de servicio (bloqueo) o posiblemente ejecutar código arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: más tarde se informó que Norton Internet Security 2008 versión 15.0.0.60, y posiblemente otras versiones de 2006, también se ven afectados. • https://www.exploit-db.com/exploits/29810 http://osvdb.org/34692 http://secunia.com/advisories/24677 http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus. • CWE-20: Improper Input Validation •