CVSS: 5.5EPSS: 50%CPEs: 36EXPL: 0CVE-2012-1443
https://notcve.org/view.php?id=CVE-2012-1443
21 Mar 2012 — The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky An... • http://osvdb.org/80454 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 5%CPEs: 9EXPL: 0CVE-2012-1429
https://notcve.org/view.php?id=CVE-2012-1429
21 Mar 2012 — The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additi... • http://www.ieee-security.org/TC/SP2012/program.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 5%CPEs: 13EXPL: 0CVE-2008-0309
https://notcve.org/view.php?id=CVE-2008-0309
28 Feb 2008 — Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). Vulnerabilidad de Desbordamiento de búfer basado en pila en Symantec Decomposer incluído en productos como Symantec Scan Engine 5.1.2 y versiones an... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2008-0308
https://notcve.org/view.php?id=CVE-2008-0308
28 Feb 2008 — Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). Symantec Decomposer, como se usa en ciertos productos antivirus Symantec incluyendo Symantec Scan Engine 5.1.2 y otras versiones antes de 5.1.6.31, permite a atacantes remotos provocar una denegación de s... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4277
https://notcve.org/view.php?id=CVE-2007-4277
30 Oct 2007 — The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403. La ingenieria de búsqueda de Trend Micro AntiVirus anterior a 8.550-10... • http://esupport.trendmicro.com/support/viewxml.do?ContentID=1035793 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-4886
https://notcve.org/view.php?id=CVE-2006-4886
19 Sep 2006 — The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition. El componente VirusScan On-Access Scan en McAfee VirusScan Enterprise 7.1.0 y Scan Engine 4.4.00 permite a usuarios locales con privilegios evitar restricciones de seguridad y des... • http://securityreason.com/securityalert/1605 •