CVSS: 7.5EPSS: 61%CPEs: 25EXPL: 2CVE-2006-6293 – F-Prot AntiVirus 4.6.6 - CHM Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-6293
Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294. Desbordamiento de búfer basado en montículo en FRISK Software F-Prot Antivirus 3.16f anterior al 4.6.7 permite a atacantes con la intervención del usuario ejecutar código de su elección a través de ficheros CHM manipulados. NOTA: Esta vulnerabilidad tiene, por lo menos una parte, solapada con la CVE-2006-6294. • https://www.exploit-db.com/exploits/2893 http://gleg.net/fprot.txt http://gleg.net/vulndisco_meta.shtml http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051096.html http://secunia.com/advisories/22879 http://secunia.com/advisories/23328 http://security.gentoo.org/glsa/glsa-200612-12.xml http://securitytracker.com/id?1017331 http://www.f-prot.com/news/gen_news/061201_release_unix467.html http://www.osvdb.org/30406 http://www.securityfocus.com/archive& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2005-3499
https://notcve.org/view.php?id=CVE-2005-3499
Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0073.html http://securitytracker.com/id?1015148 http://thierry.sniff-em.com/research/fprot.html http://www.osvdb.org/20865 http://www.securityfocus.com/archive/1/415637/30/0/threaded http://www.securityfocus.com/archive/1/502370/100/0/threaded http://www.securityfocus.com/bid/15293 http://www.zoller.lu/research/fprot.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/22967 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3374
https://notcve.org/view.php?id=CVE-2005-3374
Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." • http://marc.info/?l=bugtraq&m=113026417802703&w=2 http://www.securityelf.org/magicbyte.html http://www.securityelf.org/magicbyteadv.html http://www.securityelf.org/updmagic.html http://www.securityfocus.com/bid/15189 •