CVE-2006-0951
https://notcve.org/view.php?id=CVE-2006-0951
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. • http://secunia.com/advisories/19054 http://secunia.com/secunia_research/2006-17/advisory http://www.osvdb.org/24394 http://www.vupen.com/english/advisories/2006/1242 •
CVE-2006-1649
https://notcve.org/view.php?id=CVE-2006-1649
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. • http://secunia.com/advisories/19054 http://securityreason.com/securityalert/672 http://securitytracker.com/id?1015867 http://www.osvdb.org/24393 http://www.securityfocus.com/archive/1/429892/100/0/threaded http://www.securityfocus.com/bid/17374 http://www.vupen.com/english/advisories/2006/1242 https://exchange.xforce.ibmcloud.com/vulnerabilities/25640 •
CVE-2005-3212
https://notcve.org/view.php?id=CVE-2005-3212
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •
CVE-2005-2903
https://notcve.org/view.php?id=CVE-2005-2903
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. • http://marc.info/?l=bugtraq&m=112621063025054&w=2 http://secunia.com/advisories/16604 http://secunia.com/secunia_research/2005-40/advisory http://www.securityfocus.com/bid/14773 https://exchange.xforce.ibmcloud.com/vulnerabilities/22203 •
CVE-2004-1096 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-1096
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. El módulo Perl Archive::Zip anterior a 1.14, cuando se usa en programas antivirus como amavisd-new, permite a atacantes remotos saltarse la protección del antivirus mediante un ficheros comprimido con cabeceras globales y locales establecido a cero, lo que no impide que el fichero comprimido sea abierto en un sistema objetivo. • https://www.exploit-db.com/exploits/629 http://secunia.com/advisories/13038 http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/492545 http://www.mandriva.com/security/advisories?name=MDKSA-2004:118 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •