CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 1CVE-2007-3971
https://notcve.org/view.php?id=CVE-2007-3971
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop. Desbordamiento de entero en ESET NOD32 Antivirus versiones anteriores a 2.2289 permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU y disco) mediante un fichero comprimido ASPACK manipulado, que dispara un bucle infinito. • http://osvdb.org/37977 http://secunia.com/advisories/26124 http://securityreason.com/securityalert/2923 http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26 http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt http://www.securityfocus.com/archive/1/474245/100/0/threade •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 1CVE-2007-3972
https://notcve.org/view.php?id=CVE-2007-3972
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error. ESET NOD32 Antivirus anterior a 2.2289 permite a atacantes remotos provocar denegación de servicio a través de archivos (1) ASPACK manipulados o (2) paquetes FSG, el cual dispara un error de división por cero. • http://osvdb.org/37978 http://secunia.com/advisories/26124 http://securityreason.com/securityalert/2924 http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26 http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt http://www.securityfocus.com/a •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0951
https://notcve.org/view.php?id=CVE-2006-0951
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. • http://secunia.com/advisories/19054 http://secunia.com/secunia_research/2006-17/advisory http://www.osvdb.org/24394 http://www.vupen.com/english/advisories/2006/1242 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2006-1649
https://notcve.org/view.php?id=CVE-2006-1649
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. • http://secunia.com/advisories/19054 http://securityreason.com/securityalert/672 http://securitytracker.com/id?1015867 http://www.osvdb.org/24393 http://www.securityfocus.com/archive/1/429892/100/0/threaded http://www.securityfocus.com/bid/17374 http://www.vupen.com/english/advisories/2006/1242 https://exchange.xforce.ibmcloud.com/vulnerabilities/25640 •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 1CVE-2005-2903
https://notcve.org/view.php?id=CVE-2005-2903
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. • http://marc.info/?l=bugtraq&m=112621063025054&w=2 http://secunia.com/advisories/16604 http://secunia.com/secunia_research/2005-40/advisory http://www.securityfocus.com/bid/14773 https://exchange.xforce.ibmcloud.com/vulnerabilities/22203 •