2 results (0.004 seconds)

CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 0

Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de desbordamiento de búfer en el Plugin Visnetic anti-virus en Kerio MailServer anterior a la v6.5.0, podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://secunia.com/advisories/29021 http://www.kerio.com/kms_history.html http://www.securityfocus.com/bid/27868 http://www.securitytracker.com/id?1019428 http://www.vupen.com/english/advisories/2008/0594 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows local users to gain privileges. • http://secunia.com/advisories/16583 http://secunia.com/secunia_research/2005-65/advisory http://securitytracker.com/id?1015670 http://www.securityfocus.com/archive/1/425890/100/0/threaded http://www.securityfocus.com/bid/16788 http://www.vupen.com/english/advisories/2006/0701 https://exchange.xforce.ibmcloud.com/vulnerabilities/24928 •