CVSS: 7.6EPSS: 14%CPEs: 1EXPL: 0CVE-2007-3970
https://notcve.org/view.php?id=CVE-2007-3970
25 Jul 2007 — Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption. Condición de carrera en ESET NOD32 Antivirus anterior a 2.2289 permite a atacantes remotos ejecutar códigos de su elección a través de un archivo CAB manipulado, lo cual dispara una corrupción de memoria. • http://osvdb.org/37976 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 1CVE-2007-3971
https://notcve.org/view.php?id=CVE-2007-3971
25 Jul 2007 — Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop. Desbordamiento de entero en ESET NOD32 Antivirus versiones anteriores a 2.2289 permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU y disco) mediante un fichero comprimido ASPACK manipulado, que dispara un bucle infinito. • http://osvdb.org/37977 •
CVSS: 5.5EPSS: 2%CPEs: 1EXPL: 1CVE-2007-3972
https://notcve.org/view.php?id=CVE-2007-3972
25 Jul 2007 — ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error. ESET NOD32 Antivirus anterior a 2.2289 permite a atacantes remotos provocar denegación de servicio a través de archivos (1) ASPACK manipulados o (2) paquetes FSG, el cual dispara un error de división por cero. • http://osvdb.org/37978 •
CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 0CVE-2007-2852
https://notcve.org/view.php?id=CVE-2007-2852
24 May 2007 — Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name. Múltiples desbordamientos de búfer basados en pila en el Antivirus ESET NOD32 para versiones anteriores a la 2.70.37.0 permiten a atacantes remotos ejecutar código de su elección durante (1) el borrado/desinfección o (2) las operaciones de renombrado a través de un nombre de directorio modificado. • http://osvdb.org/36650 •
CVSS: 9.3EPSS: 7%CPEs: 4EXPL: 0CVE-2006-6676
https://notcve.org/view.php?id=CVE-2006-6676
21 Dec 2006 — Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow. Desbordamiento de entero en los analizadores sintácticos (a) OLE2 y (b) CHM para el Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos ejecutar código de su elección mediante ficheros (1) .DOC o (2) .CAB manipulados, lo cual dispara un desbordamiento d... • http://eset.com/support/updates.php?pageno=63 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2006-6677
https://notcve.org/view.php?id=CVE-2006-6677
21 Dec 2006 — ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error. El Antivirus ESET NOD32 en versiones anteriores a la 1.1743 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un fichero .CHM modificado que dispara un error de "división por cero". • http://eset.com/support/updates.php?pageno=63 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0951
https://notcve.org/view.php?id=CVE-2006-0951
08 Apr 2006 — The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. • http://secunia.com/advisories/19054 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2006-1649
https://notcve.org/view.php?id=CVE-2006-1649
06 Apr 2006 — The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. • http://secunia.com/advisories/19054 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3212
https://notcve.org/view.php?id=CVE-2005-3212
14 Oct 2005 — Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2005-2903
https://notcve.org/view.php?id=CVE-2005-2903
14 Sep 2005 — Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. • http://marc.info/?l=bugtraq&m=112621063025054&w=2 •