Page 2 of 10 results (0.005 seconds)

CVSS: 7.5EPSS: 4%CPEs: 29EXPL: 1

Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow. Desbordamiento de búfer basado en montículo en alwil avast! Anti-virus Engine anterior a 4.7.869 permite a atacantes remotos ejecutar código de su elección mediante un archivo LHA artesanal que contiene cabeceras extendidas con nombres de archivos y directorios cuya concatenación dispara el desbordamiento. • http://secunia.com/advisories/21794 http://www.hustlelabs.com/advisories/04072006_alwil.pdf http://www.securityfocus.com/bid/19903 http://www.vupen.com/english/advisories/2006/3515 •

CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0

Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack vectors. • http://secunia.com/advisories/20387 http://www.avast.com/eng/av4_revision_history.html http://www.securityfocus.com/bid/18238 http://www.vupen.com/english/advisories/2006/2115 https://exchange.xforce.ibmcloud.com/vulnerabilities/26927 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files. • http://forum.avast.com/index.php?topic=19862.0 http://secunia.com/advisories/19284 http://www.dslreports.com/forum/remark%2C15601404~days=9999~start=20 http://www.securityfocus.com/bid/17158 http://www.vupen.com/english/advisories/2006/1011 https://exchange.xforce.ibmcloud.com/vulnerabilities/25336 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames. Vulnerabilidad de franqueo de directorios en librería de compresión (UNACEV2.DLL), usada en avast! Antivirus Home/Professional Edition 4.6.665 y Server Edition 4.6.460 permite que atacantes remotos escriban ficheros arbitrarios mediante un archivo ACE que contiene nombre de ficheros con 1) .. o 2) paths absolutos. • http://secunia.com/advisories/15776 http://secunia.com/secunia_research/2005-20/advisory http://securitytracker.com/id?1014544 http://www.avast.com/eng/av4_revision_history.html •

CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename. Desbordamiento de búfer en librería de compresión (UNACEV2.DLL), usada en avast! Antivirus Home/Professional Edition 4.6.665 y Server Edition 4.6.460 permite que atacantes remotos ejecuten código arbitrario mediante un archivo ACE que contenga un nombre de fichero largo. • http://secunia.com/advisories/15776 http://secunia.com/secunia_research/2005-20/advisory http://securitytracker.com/id?1014544 http://www.avast.com/eng/av4_revision_history.html •