CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4602 – Avira AntiVir Engine Denial of Service / Filter Evasion
https://notcve.org/view.php?id=CVE-2013-4602
14 Jun 2013 — A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. Se presenta una vulnerabilidad de denegación de servicio (bucle infinito) en Avira AntiVir Engine versiones anteriores a 8.2.12.58, por medio de una función no especificada en el PDF Scanner Engine. Avira AntiVir Engine versions prior to 8.2.12.58 suffers from filter evasion and denial of service vulnerabilities. • http://www.securityfocus.com/bid/60552 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.2EPSS: 60%CPEs: 16EXPL: 0CVE-2012-1425
https://notcve.org/view.php?id=CVE-2012-1425
21 Mar 2012 — The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Prote... • http://osvdb.org/80389 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 56%CPEs: 36EXPL: 0CVE-2012-1443
https://notcve.org/view.php?id=CVE-2012-1443
21 Mar 2012 — The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky An... • http://osvdb.org/80454 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 86%CPEs: 29EXPL: 0CVE-2012-1457
https://notcve.org/view.php?id=CVE-2012-1457
21 Mar 2012 — The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning E... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 91%CPEs: 35EXPL: 0CVE-2012-1459
https://notcve.org/view.php?id=CVE-2012-1459
21 Mar 2012 — The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, ... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-2761
https://notcve.org/view.php?id=CVE-2009-2761
13 Aug 2009 — Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges via a malicious antivir.exe file in the "C:\Program Files\avira\" directory. Vulnerabilidad de búsqueda de ruta no entrecomillada en Windows en el planificador (sched.exe) en Avira AntiVir, AntiVir Premium, Premium Security Suite y AntiVir Professional, podría permitir a usuarios locales elevar sus privilegios a... • http://archives.neohapsis.com/archives/bugtraq/2009-01/0146.html •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-6962
https://notcve.org/view.php?id=CVE-2008-6962
13 Aug 2009 — Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, y AntiVir Personal - FREE permite a los usuarios locales ejecutar arbitrariamente código a través de peticiones IOCTL manipuladas que sobreescriben un puntero al núcleo. • http://www.securityfocus.com/bid/32269 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 0CVE-2007-2972
https://notcve.org/view.php?id=CVE-2007-2972
01 Jun 2007 — The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. El motor de análisis sintáctico de ficheros del Avira Antivir Antivirus anterior al 7.04.00.24 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un fichero comprimido UPX manipulado, lo que dispara un error de "división por cero". • http://forum.antivir-pe.de/thread.php?threadid=22528 •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2007-2973
https://notcve.org/view.php?id=CVE-2007-2973
01 Jun 2007 — Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed TAR archive. El Antivirus Avira Antivir anterior al 7.03.00.09 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de un archivo TAR mal formado. • http://forum.antivir-pe.de/thread.php?threadid=22528 •
CVSS: 10.0EPSS: 20%CPEs: 2EXPL: 0CVE-2007-2974
https://notcve.org/view.php?id=CVE-2007-2974
01 Jun 2007 — Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around." Desbordamiento de búfer en el motor de análisis sintáctico de ficheros en el Antivirus Avira Antivir anterior al 7.03.00.09 permite a atacantes remotos ejecutar código de su elección a través de un fichero LZH modificado, resultado de un "redondeo de conversión a entero". • http://forum.antivir-pe.de/thread.php?threadid=22528 •