3 results (0.010 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2

The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by (2) sending a crafted KEVENT structure through ioctl 0xBF672028 to overwrite arbitrary memory locations. El controlador de dispositivo nvcoaft51 de Norman Virus Control (NVC) 5.82 utiliza permisos débiles (acceso de escritura no restringido) para el dispositivo NvcOa, lo cual permite a usuarios locales obtener privilegios al (1) disparar desbordamiento de búfer en un espacio de memoria del kernel mediante un argumento tipo cadena en ioctl 0xBF67201C; ó (2) enviando una estructura KEVENT manipulada hasta ioctl 0xBF672028 para sobre-escribir posiciones de memoria de su elección. • https://www.exploit-db.com/exploits/4345 http://securityreason.com/securityalert/3087 http://www.48bits.com/exploits/nvc.rar http://www.securityfocus.com/archive/1/478224/100/0/threaded http://www.securityfocus.com/bid/25499 http://www.securitytracker.com/id?1018636 https://exchange.xforce.ibmcloud.com/vulnerabilities/36373 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 0

Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted (1) ACE or (2) LZH file, resulting from an "integer cast around." Múltiples desbordamientos de búfer en Norman Antivirus 5.90 permite a atacantes remotos ejecutar código de su elección a través de archivos (1) ACE o (2) LZH manipulados, como resultado de un "redondedo del enterio lanzado". • http://osvdb.org/37982 http://osvdb.org/37983 http://secunia.com/advisories/26178 http://securityreason.com/securityalert/2912 http://www.nruns.com/security_advisory_Norman_all_ace_buffer_overflow.php http://www.nruns.com/security_advisory_norman_antivirus_lzh_buffer_overflow.php http://www.securityfocus.com/archive/1/474423/100/0/threaded http://www.securityfocus.com/archive/1/474432/100/0/threaded http://www.securityfocus.com/bid/25003 http://www.securityfocus.com/bid/25015 •

CVSS: 4.3EPSS: 8%CPEs: 1EXPL: 0

The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to cause a denial of service via a crafted DOC file that triggers a divide-by-zero error. La validación OLE2 en Norman Antivirus anterior a 5.91.02 permite a atacantes remotos provocar denegación de servicio a través de archivos DOC manipulado que disparan un erro de división por cero. • http://osvdb.org/37980 http://secunia.com/advisories/26178 http://securityreason.com/securityalert/2914 http://www.nruns.com/security_advisory_norton_antivirus_doc_divide_by_zero_dos.php http://www.securityfocus.com/archive/1/474450/100/0/threaded http://www.securityfocus.com/bid/25014 http://www.securitytracker.com/id?1018438 http://www.vupen.com/english/advisories/2007/2619 https://exchange.xforce.ibmcloud.com/vulnerabilities/35554 •