7 results (0.008 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-9399 – AVAST Generic Archive Bypass

https://notcve.org/view.php?id=CVE-2020-9399

26 Feb 2020 — The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux. El motor de análisis de Avast AV permite la detección de virus por medio de un archivo ZIP diseñado. Esto afecta a las versiones anteriores a 12 definiciones de 200114-0 de Antivirus Pro, Antivirus Pro Plus y Antivirus para Linux. The AVAST parsing engine supports the ZIP archive format. • https://blog.zoller.lu/p/tzo-23-2020-avast-generic-archive.html • CWE-436: Interpretation Conflict •

CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-8773

https://notcve.org/view.php?id=CVE-2017-8773

04 May 2017 — Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation. Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316 y Quick Heal AntiVirus Pro 10.1.0.316 son vulnerables a una escritur... • http://payatu.com/oob-write-heap-buffer-dwcompressionsize-ms-wim • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-8774

https://notcve.org/view.php?id=CVE-2017-8774

04 May 2017 — Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316 y Quick Heal AntiVirus Pro 10.1.0.316 son vulnerables a una corrupción de memoria al analizar archivos Mach-O malformados. • http://payatu.com/quick-heal-internet-security-memory-corruption-vulnerability • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-8775

https://notcve.org/view.php?id=CVE-2017-8775

04 May 2017 — Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, y Quick Heal AntiVirus Pro 10.1.0.316 son vulnerables a una corrupción de memoria al analizar archivos Mach-O malformados. • http://payatu.com/quick-heal-internet-security-memory-corruption-vulnerability-2 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-8776

https://notcve.org/view.php?id=CVE-2017-8776

04 May 2017 — Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product. Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, y Quick Heal AntiVirus Pro 10.1.0.316 tienen unos 165 archivos PE en la instalación por defecto que no utilizan protección ASLR/D... • http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability •

CVSS: 9.8EPSS: 31%CPEs: 3EXPL: 2

CVE-2017-5005

https://notcve.org/view.php?id=CVE-2017-5005

02 Jan 2017 — Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation. Desbordamiento de búfer basado en pila en Quick Heal Internet Security 10.1.0.316 y versiones anteriores, Total Security 10.1.0.316 y versiones anteriores y Ant... • https://github.com/payatu/QuickHeal • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 5

CVE-2013-6767 – QuickHeal AntiVirus 7.0.0.1 - Local Stack Overflow

https://notcve.org/view.php?id=CVE-2013-6767

20 Dec 2013 — Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE file. El desbordamiento de búfer en la región stack de la memoria en la biblioteca pepoly.dll en Quick Heal AntiVirus Pro versión 7.0.0.1, permite a los usuarios locales ejecutar código arbitrario o causar una denegación de servicio (bloqueo del proceso) por medio de un valor *.text largo en un archivo PE. • https://www.exploit-db.com/exploits/30374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •