CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2006-1125
https://notcve.org/view.php?id=CVE-2006-1125
Grisoft AVG Free 7.1, and other versions including 7.0.308, sets Everyone/Full Control permissions for certain update files including (1) upd_vers.cfg, (2) incavi.avm, and (3) unspecified drivers, which might allow local users to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2006-02/0631.html http://secunia.com/advisories/19118 http://securitytracker.com/id?1015728 http://www.dslreports.com/forum/remark%2C15601404 http://www.securityfocus.com/bid/16952 http://www.vupen.com/english/advisories/2006/0845 https://exchange.xforce.ibmcloud.com/vulnerabilities/25139 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3371
https://notcve.org/view.php?id=CVE-2005-3371
Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." • http://marc.info/?l=bugtraq&m=113026417802703&w=2 http://www.securityelf.org/magicbyte.html http://www.securityelf.org/magicbyteadv.html http://www.securityelf.org/updmagic.html http://www.securityfocus.com/bid/15189 •