CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4602 – Avira AntiVir Engine Denial of Service / Filter Evasion
https://notcve.org/view.php?id=CVE-2013-4602
14 Jun 2013 — A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. Se presenta una vulnerabilidad de denegación de servicio (bucle infinito) en Avira AntiVir Engine versiones anteriores a 8.2.12.58, por medio de una función no especificada en el PDF Scanner Engine. Avira AntiVir Engine versions prior to 8.2.12.58 suffers from filter evasion and denial of service vulnerabilities. • http://www.securityfocus.com/bid/60552 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-6962
https://notcve.org/view.php?id=CVE-2008-6962
13 Aug 2009 — Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, y AntiVir Personal - FREE permite a los usuarios locales ejecutar arbitrariamente código a través de peticiones IOCTL manipuladas que sobreescriben un puntero al núcleo. • http://www.securityfocus.com/bid/32269 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 59EXPL: 1CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
09 May 2007 — unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-1671
https://notcve.org/view.php?id=CVE-2007-1671
09 May 2007 — avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. avpack32.dll anterior a 7.3.0.6 en Avira AntiVir permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entrada a directorio que apunta a un fichero anterior. • http://osvdb.org/35911 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-4619
https://notcve.org/view.php?id=CVE-2006-4619
07 Sep 2006 — The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the (1) IParam parameter, and the (2) PBM_GETRANGE and (3) PBM_SETRANGE messages in an unspecified progress bar. NOTE: some details are obtained from third party information. La ventana de inicio de actualización en update.exe en Avira AntiVir PersonalEdition Classic 7.0 construcción 151 permite a un usuario local conseguir privilegios de s... • http://secunia.com/advisories/21764 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1274
https://notcve.org/view.php?id=CVE-2006-1274
19 Mar 2006 — Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042868.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3219
https://notcve.org/view.php?id=CVE-2005-3219
14 Oct 2005 — Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3224
https://notcve.org/view.php?id=CVE-2005-3224
14 Oct 2005 — Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •