CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5662
https://notcve.org/view.php?id=CVE-2015-5662
18 Oct 2015 — Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive. Vulnerabilidad de salto de directorio en Avast en versiones anteriores a 150918-0 permite a atacantes remotos borrar o escribir en archivos arbitrarios a través de una entrada manipulada en un archivo ZIP • http://jvn.jp/en/jp/JVN25576608/index.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5523
https://notcve.org/view.php?id=CVE-2008-5523
12 Dec 2008 — avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. avast! antivirus v4.8.1281.0, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un docume... • http://securityreason.com/securityalert/4723 • CWE-20: Improper Input Validation •