CVE-2008-6962
https://notcve.org/view.php?id=CVE-2008-6962
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, y AntiVir Personal - FREE permite a los usuarios locales ejecutar arbitrariamente código a través de peticiones IOCTL manipuladas que sobreescriben un puntero al núcleo. • http://www.securityfocus.com/bid/32269 http://www.vupen.com/english/VUPEN-Security-Advisory-20081112.txt http://www.vupen.com/english/advisories/2008/3130 https://exchange.xforce.ibmcloud.com/vulnerabilities/46567 • CWE-20: Improper Input Validation •
CVE-2007-2973
https://notcve.org/view.php?id=CVE-2007-2973
Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed TAR archive. El Antivirus Avira Antivir anterior al 7.03.00.09 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de un archivo TAR mal formado. • http://forum.antivir-pe.de/thread.php?threadid=22528 http://osvdb.org/36711 http://secunia.com/advisories/25417 http://www.nruns.com/advisories/%5Bn.runs-SA-2007.012%5D%20-%20Avira%20Antivir%20Antivirus%20TAR%20parsing%20Infinite%20Loop%20Advisory.txt http://www.securityfocus.com/archive/1/470042/100/0/threaded http://www.securityfocus.com/bid/24187 http://www.securityfocus.com/bid/24239 http://www.securitytracker.com/id?1018137 http://www.vupen.com/english/advisories/2007/1971 •
CVE-2007-2972
https://notcve.org/view.php?id=CVE-2007-2972
The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. El motor de análisis sintáctico de ficheros del Avira Antivir Antivirus anterior al 7.04.00.24 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un fichero comprimido UPX manipulado, lo que dispara un error de "división por cero". • http://forum.antivir-pe.de/thread.php?threadid=22528 http://marc.info/?l=full-disclosure&m=118040810718045&w=2 http://osvdb.org/36710 http://secunia.com/advisories/25417 http://www.nruns.com/advisories/%5Bn.runs-SA-2007.011%5D%20-%20Avira%20Antivir%20Antivirus%20UPX%20parsing%20Divide%20by%20Zero%20Advisory.txt http://www.securityfocus.com/archive/1/469880/100/0/threaded http://www.securityfocus.com/bid/24187 http://www.securitytracker.com/id?1018132 http://www.vupen.com/e •
CVE-2007-2974
https://notcve.org/view.php?id=CVE-2007-2974
Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around." Desbordamiento de búfer en el motor de análisis sintáctico de ficheros en el Antivirus Avira Antivir anterior al 7.03.00.09 permite a atacantes remotos ejecutar código de su elección a través de un fichero LZH modificado, resultado de un "redondeo de conversión a entero". • http://forum.antivir-pe.de/thread.php?threadid=22528 http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063624.html http://osvdb.org/36712 http://secunia.com/advisories/25417 http://securityreason.com/securityalert/2764 http://securitytracker.com/id?1018131 http://www.nruns.com/advisories/%5Bn.runs-SA-2007.010%5D%20-%20Avira%20Antivir%20Antivirus%20LZH%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt http://www.securityfocus.com/archive/1/469805/100/0/threaded http://www •
CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 http://secunia.com/advisories/25315 http://securityreason.com/securityalert/2680 http://www.amavis.org/security/asa-2007-2.txt http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 • CWE-399: Resource Management Errors •