CVE-2007-2972
https://notcve.org/view.php?id=CVE-2007-2972
The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. El motor de análisis sintáctico de ficheros del Avira Antivir Antivirus anterior al 7.04.00.24 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un fichero comprimido UPX manipulado, lo que dispara un error de "división por cero". • http://forum.antivir-pe.de/thread.php?threadid=22528 http://marc.info/?l=full-disclosure&m=118040810718045&w=2 http://osvdb.org/36710 http://secunia.com/advisories/25417 http://www.nruns.com/advisories/%5Bn.runs-SA-2007.011%5D%20-%20Avira%20Antivir%20Antivirus%20UPX%20parsing%20Divide%20by%20Zero%20Advisory.txt http://www.securityfocus.com/archive/1/469880/100/0/threaded http://www.securityfocus.com/bid/24187 http://www.securitytracker.com/id?1018132 http://www.vupen.com/e •
CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 http://secunia.com/advisories/25315 http://securityreason.com/securityalert/2680 http://www.amavis.org/security/asa-2007-2.txt http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 • CWE-399: Resource Management Errors •
CVE-2007-1671
https://notcve.org/view.php?id=CVE-2007-1671
avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. avpack32.dll anterior a 7.3.0.6 en Avira AntiVir permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entrada a directorio que apunta a un fichero anterior. • http://osvdb.org/35911 http://secunia.com/advisories/25140 http://securityreason.com/securityalert/2680 http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 http://www.vupen.com/english/advisories/2007/1702 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 •
CVE-2006-4619
https://notcve.org/view.php?id=CVE-2006-4619
The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the (1) IParam parameter, and the (2) PBM_GETRANGE and (3) PBM_SETRANGE messages in an unspecified progress bar. NOTE: some details are obtained from third party information. La ventana de inicio de actualización en update.exe en Avira AntiVir PersonalEdition Classic 7.0 construcción 151 permite a un usuario local conseguir privilegios de sistema a través del tipo de ataque "Shatter" sobre el parámetro (1)IParam, y los mensajes (2) PBM_GETRANGE y (3) PBM_SETRANGE en una barra de progreso no especifica. NOTA: algunos detalles se obtuvieron a partir de una información de terceros. • http://secunia.com/advisories/21764 http://www.securityfocus.com/archive/1/445205/100/0/threaded http://www.securityfocus.com/archive/1/445263/100/0/threaded http://www.securityfocus.com/bid/19843 http://www.securityfocus.com/bid/19889 •
CVE-2006-1274
https://notcve.org/view.php?id=CVE-2006-1274
Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042868.html http://secunia.com/advisories/19217 http://securityreason.com/securityalert/573 http://www.osvdb.org/23843 http://www.securityfocus.com/archive/1/427412/100/0/threaded http://www.securityfocus.com/bid/17071 http://www.vupen.com/english/advisories/2006/0948 https://exchange.xforce.ibmcloud.com/vulnerabilities/25244 •