CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5085
https://notcve.org/view.php?id=CVE-2018-5085
03 Jan 2018 — In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124. En K7 AntiVirus 15.1.0306, el archivo del controlador (K7FWHlpr.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x83002124. • https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002124 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5086
https://notcve.org/view.php?id=CVE-2018-5086
03 Jan 2018 — In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215F. En K7 AntiVirus 15.1.0306, el archivo del controlador (K7FWHlpr.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x8300215F. • https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300215F • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5087
https://notcve.org/view.php?id=CVE-2018-5087
03 Jan 2018 — In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100. En K7 AntiVirus 15.1.0306, el archivo del controlador (K7FWHlpr.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x83002100. • https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5088
https://notcve.org/view.php?id=CVE-2018-5088
03 Jan 2018 — In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300211C. En K7 AntiVirus 15.1.0306, el archivo del controlador (K7FWHlpr.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x8300211C. • https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300211C • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-10402
https://notcve.org/view.php?id=CVE-2016-10402
27 Jul 2017 — Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow. Las versiones del motor de Avira Antivirus anteriores a la versión 8.3.36.60 permiten la ejecución de código remota como NT AUTHORITY\SYSTEM por medio del encabezado Section con una dirección virtual relativa muy grande en un archivo PE, causando un desbordamiento de enter... • http://www.securityfocus.com/bid/84841 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2017-8307
https://notcve.org/view.php?id=CVE-2017-8307
27 Apr 2017 — In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also exploitable in conjunction with CVE-2017-8308 when Avast Self-Defense is enabled. The vulnerability allows for Denial of Service attacks and hiding traces of a possible attack. En Avast Antivirus versiones anteriores ... • http://www.securityfocus.com/bid/98086 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-8308
https://notcve.org/view.php?id=CVE-2017-8308
27 Apr 2017 — In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components. En Avast Antivirus anteriores a v17, un usuario no privilegiado puede marcar un proceso arbitrario como Trusted desde la perspectiva del producto Avast. Esto evita la característica de Self-Defense del producto, abriendo una pue... • http://www.securityfocus.com/bid/98084 • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 9%CPEs: 10EXPL: 0CVE-2012-4953
https://notcve.org/view.php?id=CVE-2012-4953
14 Nov 2012 — The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. El motor de descomposición en Symantec Endpoint Protection (SEP) v11.0, Symantec Endpo... • http://www.kb.cert.org/vuls/id/985625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 24%CPEs: 11EXPL: 0CVE-2012-1420
https://notcve.org/view.php?id=CVE-2012-1420
21 Mar 2012 — The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence. NOTE: this may lat... • http://osvdb.org/80403 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 0CVE-2012-1423
https://notcve.org/view.php?id=CVE-2012-1423
21 Mar 2012 — The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CV... • http://osvdb.org/80393 • CWE-264: Permissions, Privileges, and Access Controls •