CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 http://secunia.com/advisories/25315 http://securityreason.com/securityalert/2680 http://www.amavis.org/security/asa-2007-2.txt http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 • CWE-399: Resource Management Errors •
CVE-2007-1671
https://notcve.org/view.php?id=CVE-2007-1671
avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. avpack32.dll anterior a 7.3.0.6 en Avira AntiVir permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entrada a directorio que apunta a un fichero anterior. • http://osvdb.org/35911 http://secunia.com/advisories/25140 http://securityreason.com/securityalert/2680 http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 http://www.vupen.com/english/advisories/2007/1702 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 •
CVE-2006-4619
https://notcve.org/view.php?id=CVE-2006-4619
The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the (1) IParam parameter, and the (2) PBM_GETRANGE and (3) PBM_SETRANGE messages in an unspecified progress bar. NOTE: some details are obtained from third party information. La ventana de inicio de actualización en update.exe en Avira AntiVir PersonalEdition Classic 7.0 construcción 151 permite a un usuario local conseguir privilegios de sistema a través del tipo de ataque "Shatter" sobre el parámetro (1)IParam, y los mensajes (2) PBM_GETRANGE y (3) PBM_SETRANGE en una barra de progreso no especifica. NOTA: algunos detalles se obtuvieron a partir de una información de terceros. • http://secunia.com/advisories/21764 http://www.securityfocus.com/archive/1/445205/100/0/threaded http://www.securityfocus.com/archive/1/445263/100/0/threaded http://www.securityfocus.com/bid/19843 http://www.securityfocus.com/bid/19889 •
CVE-2006-1274
https://notcve.org/view.php?id=CVE-2006-1274
Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042868.html http://secunia.com/advisories/19217 http://securityreason.com/securityalert/573 http://www.osvdb.org/23843 http://www.securityfocus.com/archive/1/427412/100/0/threaded http://www.securityfocus.com/bid/17071 http://www.vupen.com/english/advisories/2006/0948 https://exchange.xforce.ibmcloud.com/vulnerabilities/25244 •
CVE-2005-3219
https://notcve.org/view.php?id=CVE-2005-3219
Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •