CVE-2007-0829
https://notcve.org/view.php?id=CVE-2007-0829
avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements. avast! Server Edition anterior a la 4.7.726 no requiere una contraseña en ciertos contextos previstos, incluso cuando la contraseña ha sido establecida, lo que permite a usuarios locales evitar los requerimientos de autenticación. • http://osvdb.org/33114 http://secunia.com/advisories/24068 http://www.avast.com/eng/avast-4-server-revision-history.html http://www.securityfocus.com/bid/22425 http://www.vupen.com/english/advisories/2007/0499 https://exchange.xforce.ibmcloud.com/vulnerabilities/32269 •
CVE-2006-4626
https://notcve.org/view.php?id=CVE-2006-4626
Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow. Desbordamiento de búfer basado en montículo en alwil avast! Anti-virus Engine anterior a 4.7.869 permite a atacantes remotos ejecutar código de su elección mediante un archivo LHA artesanal que contiene cabeceras extendidas con nombres de archivos y directorios cuya concatenación dispara el desbordamiento. • http://secunia.com/advisories/21794 http://www.hustlelabs.com/advisories/04072006_alwil.pdf http://www.securityfocus.com/bid/19903 http://www.vupen.com/english/advisories/2006/3515 •
CVE-2006-2869
https://notcve.org/view.php?id=CVE-2006-2869
Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack vectors. • http://secunia.com/advisories/20387 http://www.avast.com/eng/av4_revision_history.html http://www.securityfocus.com/bid/18238 http://www.vupen.com/english/advisories/2006/2115 https://exchange.xforce.ibmcloud.com/vulnerabilities/26927 •
CVE-2006-1892
https://notcve.org/view.php?id=CVE-2006-1892
avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/_avast4_ temporary directory. • http://secunia.com/advisories/19683 http://securityreason.com/securityalert/712 http://securityreason.com/securityalert/764 http://www.securityfocus.com/archive/1/431019/100/0/threaded http://www.securityfocus.com/bid/17535 http://www.vupen.com/english/advisories/2006/1387 •
CVE-2006-1355
https://notcve.org/view.php?id=CVE-2006-1355
avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files. • http://forum.avast.com/index.php?topic=19862.0 http://secunia.com/advisories/19284 http://www.dslreports.com/forum/remark%2C15601404~days=9999~start=20 http://www.securityfocus.com/bid/17158 http://www.vupen.com/english/advisories/2006/1011 https://exchange.xforce.ibmcloud.com/vulnerabilities/25336 •