Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for antivirus by avg

    CVE-2024-7237 (GCVE-0-2024-7237)

    Vulnerability from nvd – Published: 2024-11-22 21:12 – Updated: 2024-12-05 14:30
    VLAI
    Title
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability
    Summary
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.12.8700.813
    Create a notification for this product.
    avg anti-virus Affected: 23.12.8700.813
        cpe:2.3:a:avg:anti-virus:23.12.8700.813:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avg:anti-virus:23.12.8700.813:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "anti-virus",
                "vendor": "avg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.12.8700.813"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T15:15:21.743547Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:30:46.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.12.8700.813"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:27:09.563Z",
          "datePublic": "2024-07-29T21:37:14.706Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:05.971Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1007",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1007/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7237",
        "datePublished": "2024-11-22T21:12:05.971Z",
        "dateReserved": "2024-07-29T20:27:09.535Z",
        "dateUpdated": "2024-12-05T14:30:46.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7236 (GCVE-0-2024-7236)

    Vulnerability from nvd – Published: 2024-11-22 21:12 – Updated: 2024-11-23 01:26
    VLAI
    Title
    AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability
    Summary
    AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.12.8700.812
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-23T01:17:42.185191Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-23T01:26:25.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.12.8700.812"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:49.669Z",
          "datePublic": "2024-07-29T21:37:26.199Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:14.028Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1009",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1009/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7236",
        "datePublished": "2024-11-22T21:12:14.028Z",
        "dateReserved": "2024-07-29T20:26:49.635Z",
        "dateUpdated": "2024-11-23T01:26:25.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7235 (GCVE-0-2024-7235)

    Vulnerability from nvd – Published: 2024-11-22 21:12 – Updated: 2024-11-23 01:26
    VLAI
    Title
    AVG AntiVirus Free Link Following Denial-of-Service Vulnerability
    Summary
    AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-22803.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.11.8635.809
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-23T01:17:36.329518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-23T01:26:24.972Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.11.8635.809"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:32.464Z",
          "datePublic": "2024-07-29T21:37:10.137Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n. Was ZDI-CAN-22803."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:02.954Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1006",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1006/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free Link Following Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7235",
        "datePublished": "2024-11-22T21:12:02.954Z",
        "dateReserved": "2024-07-29T20:26:32.437Z",
        "dateUpdated": "2024-11-23T01:26:24.972Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7234 (GCVE-0-2024-7234)

    Vulnerability from nvd – Published: 2024-11-22 21:12 – Updated: 2024-12-05 14:29
    VLAI
    Title
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability
    Summary
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.9.8494.795
    Create a notification for this product.
    avg anti-virus Affected: 23.9.8494.795
        cpe:2.3:a:avg:anti-virus:23.9.8494.795:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avg:anti-virus:23.9.8494.795:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "anti-virus",
                "vendor": "avg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.9.8494.795"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T15:15:19.789656Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:29:22.161Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.9.8494.795"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:13.260Z",
          "datePublic": "2024-07-29T21:37:21.043Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:10.251Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1008",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1008/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7234",
        "datePublished": "2024-11-22T21:12:10.251Z",
        "dateReserved": "2024-07-29T20:26:13.233Z",
        "dateUpdated": "2024-12-05T14:29:22.161Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9484 (GCVE-0-2024-9484)

    Vulnerability from nvd – Published: 2024-10-04 12:44 – Updated: 2024-10-07 11:27
    VLAI
    Summary
    An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:44
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9484",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:31:38.216327Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:31:46.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:44:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing."
                }
              ],
              "value": "An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:37.651Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definitions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definitions."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9484",
        "datePublished": "2024-10-04T12:44:25.057Z",
        "dateReserved": "2024-10-03T14:29:40.798Z",
        "dateUpdated": "2024-10-07T11:27:37.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9483 (GCVE-0-2024-9483)

    Vulnerability from nvd – Published: 2024-10-04 12:29 – Updated: 2024-10-07 11:27
    VLAI
    Title
    Uninitialized variable in digital signiture verification may crash the application
    Summary
    A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:29
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9483",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:34:56.915713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:35:04.810Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:29:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing."
                }
              ],
              "value": "A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:19.528Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definitions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definitions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Uninitialized variable in digital signiture verification may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9483",
        "datePublished": "2024-10-04T12:29:16.430Z",
        "dateReserved": "2024-10-03T14:29:36.984Z",
        "dateUpdated": "2024-10-07T11:27:19.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9482 (GCVE-0-2024-9482)

    Vulnerability from nvd – Published: 2024-10-04 12:22 – Updated: 2024-10-07 11:27
    VLAI
    Title
    Out of Bounds write on scan of malformed Mach-O file may crash the application
    Summary
    An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:39:04.820285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:39:14.744Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing."
                }
              ],
              "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:03.261Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definintions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definintions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Out of Bounds write on scan of malformed Mach-O file may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9482",
        "datePublished": "2024-10-04T12:22:47.087Z",
        "dateReserved": "2024-10-03T14:29:35.415Z",
        "dateUpdated": "2024-10-07T11:27:03.261Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9481 (GCVE-0-2024-9481)

    Vulnerability from nvd – Published: 2024-10-04 12:15 – Updated: 2024-10-07 11:26
    VLAI
    Title
    Out of Bounds write on scan of malformed eml file may crash the application
    Summary
    An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:13
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:54:39.515335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:54:47.530Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:13:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."
                }
              ],
              "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:26:43.561Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definintions."
                }
              ],
              "value": "Upgrade to the latest version of virus definintions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Out of Bounds write on scan of malformed eml file may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9481",
        "datePublished": "2024-10-04T12:15:14.709Z",
        "dateReserved": "2024-10-03T14:29:34.815Z",
        "dateUpdated": "2024-10-07T11:26:43.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4294 (GCVE-0-2022-4294)

    Vulnerability from nvd – Published: 2023-01-10 09:14 – Updated: 2025-04-08 14:54
    VLAI
    Title
    Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation
    Summary
    Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:34:50.109Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4294",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-08T14:53:38.976759Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-08T14:54:30.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Norton Antivirus Windows Eraser Engine",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 119.1.5.1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Avira Security ",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 1.1.78"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Avast Antivirus",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "Prior to 22.10"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "AVG Antivirus",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "Prior to 22.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNorton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-10T09:22:11.371Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2022-4294",
        "datePublished": "2023-01-10T09:14:47.102Z",
        "dateReserved": "2022-12-05T17:46:00.115Z",
        "dateUpdated": "2025-04-08T14:54:30.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5522 (GCVE-0-2008-5522)

    Vulnerability from nvd – Published: 2008-12-12 18:13 – Updated: 2024-08-07 10:56
    VLAI
    Summary
    AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4723 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/499043/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/498995/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2008-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:56:46.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-antivirus-mzheader-code-execution(47435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
              },
              {
                "name": "4723",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4723"
              },
              {
                "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
              },
              {
                "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-antivirus-mzheader-code-execution(47435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
            },
            {
              "name": "4723",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4723"
            },
            {
              "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
            },
            {
              "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-antivirus-mzheader-code-execution(47435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
                },
                {
                  "name": "4723",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4723"
                },
                {
                  "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
                },
                {
                  "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5522",
        "datePublished": "2008-12-12T18:13:00.000Z",
        "dateReserved": "2008-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:56:46.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7236 (GCVE-0-2024-7236)

    Vulnerability from cvelistv5 – Published: 2024-11-22 21:12 – Updated: 2024-11-23 01:26
    VLAI
    Title
    AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability
    Summary
    AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.12.8700.812
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7236",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-23T01:17:42.185191Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-23T01:26:25.130Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.12.8700.812"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:49.669Z",
          "datePublic": "2024-07-29T21:37:26.199Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Installer. By creating a symbolic link, an attacker can abuse the update functionality to create a file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. Was ZDI-CAN-22942."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:14.028Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1009",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1009/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7236",
        "datePublished": "2024-11-22T21:12:14.028Z",
        "dateReserved": "2024-07-29T20:26:49.635Z",
        "dateUpdated": "2024-11-23T01:26:25.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7234 (GCVE-0-2024-7234)

    Vulnerability from cvelistv5 – Published: 2024-11-22 21:12 – Updated: 2024-12-05 14:29
    VLAI
    Title
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability
    Summary
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.9.8494.795
    Create a notification for this product.
    avg anti-virus Affected: 23.9.8494.795
        cpe:2.3:a:avg:anti-virus:23.9.8494.795:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avg:anti-virus:23.9.8494.795:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "anti-virus",
                "vendor": "avg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.9.8494.795"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T15:15:19.789656Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:29:22.161Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.9.8494.795"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:13.260Z",
          "datePublic": "2024-07-29T21:37:21.043Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22260."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:10.251Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1008",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1008/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7234",
        "datePublished": "2024-11-22T21:12:10.251Z",
        "dateReserved": "2024-07-29T20:26:13.233Z",
        "dateUpdated": "2024-12-05T14:29:22.161Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7237 (GCVE-0-2024-7237)

    Vulnerability from cvelistv5 – Published: 2024-11-22 21:12 – Updated: 2024-12-05 14:30
    VLAI
    Title
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability
    Summary
    AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.12.8700.813
    Create a notification for this product.
    avg anti-virus Affected: 23.12.8700.813
        cpe:2.3:a:avg:anti-virus:23.12.8700.813:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:avg:anti-virus:23.12.8700.813:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "anti-virus",
                "vendor": "avg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.12.8700.813"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7237",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-26T15:15:21.743547Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:30:46.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.12.8700.813"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:27:09.563Z",
          "datePublic": "2024-07-29T21:37:14.706Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22960."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:05.971Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1007",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1007/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7237",
        "datePublished": "2024-11-22T21:12:05.971Z",
        "dateReserved": "2024-07-29T20:27:09.535Z",
        "dateUpdated": "2024-12-05T14:30:46.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7235 (GCVE-0-2024-7235)

    Vulnerability from cvelistv5 – Published: 2024-11-22 21:12 – Updated: 2024-11-23 01:26
    VLAI
    Title
    AVG AntiVirus Free Link Following Denial-of-Service Vulnerability
    Summary
    AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-22803.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    AVG AntiVirus Free Affected: 23.11.8635.809
    Create a notification for this product.
    Date Public
    2024-07-29 21:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7235",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-23T01:17:36.329518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-23T01:26:24.972Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AntiVirus Free",
              "vendor": "AVG",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.11.8635.809"
                }
              ]
            }
          ],
          "dateAssigned": "2024-07-29T20:26:32.464Z",
          "datePublic": "2024-07-29T21:37:10.137Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n. Was ZDI-CAN-22803."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T21:12:02.954Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-1006",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1006/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro\u0027s Zero Day Initiative"
          },
          "title": "AVG AntiVirus Free Link Following Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-7235",
        "datePublished": "2024-11-22T21:12:02.954Z",
        "dateReserved": "2024-07-29T20:26:32.437Z",
        "dateUpdated": "2024-11-23T01:26:24.972Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9484 (GCVE-0-2024-9484)

    Vulnerability from cvelistv5 – Published: 2024-10-04 12:44 – Updated: 2024-10-07 11:27
    VLAI
    Summary
    An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:44
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9484",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:31:38.216327Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:31:46.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:44:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing."
                }
              ],
              "value": "An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:37.651Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definitions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definitions."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9484",
        "datePublished": "2024-10-04T12:44:25.057Z",
        "dateReserved": "2024-10-03T14:29:40.798Z",
        "dateUpdated": "2024-10-07T11:27:37.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9483 (GCVE-0-2024-9483)

    Vulnerability from cvelistv5 – Published: 2024-10-04 12:29 – Updated: 2024-10-07 11:27
    VLAI
    Title
    Uninitialized variable in digital signiture verification may crash the application
    Summary
    A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:29
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9483",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:34:56.915713Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:35:04.810Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:29:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing."
                }
              ],
              "value": "A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:19.528Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definitions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definitions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Uninitialized variable in digital signiture verification may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9483",
        "datePublished": "2024-10-04T12:29:16.430Z",
        "dateReserved": "2024-10-03T14:29:36.984Z",
        "dateUpdated": "2024-10-07T11:27:19.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9482 (GCVE-0-2024-9482)

    Vulnerability from cvelistv5 – Published: 2024-10-04 12:22 – Updated: 2024-10-07 11:27
    VLAI
    Title
    Out of Bounds write on scan of malformed Mach-O file may crash the application
    Summary
    An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:39:04.820285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:39:14.744Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing."
                }
              ],
              "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:27:03.261Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definintions.\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to the latest version of virus definintions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Out of Bounds write on scan of malformed Mach-O file may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9482",
        "datePublished": "2024-10-04T12:22:47.087Z",
        "dateReserved": "2024-10-03T14:29:35.415Z",
        "dateUpdated": "2024-10-07T11:27:03.261Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9481 (GCVE-0-2024-9481)

    Vulnerability from cvelistv5 – Published: 2024-10-04 12:15 – Updated: 2024-10-07 11:26
    VLAI
    Title
    Out of Bounds write on scan of malformed eml file may crash the application
    Summary
    An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVG/Avast Antivirus Affected: 24/Sep/2024 , < < 24092400 (date)
    Create a notification for this product.
    Date Public
    2024-10-04 12:13
    Credits
    Mike Zhang, an independent security researcher
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-04T13:54:39.515335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-04T13:54:47.530Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "MacOS",
                "Windows",
                "Linux"
              ],
              "product": "Antivirus",
              "vendor": "AVG/Avast",
              "versions": [
                {
                  "lessThan": "\u003c 24092400",
                  "status": "affected",
                  "version": "24/Sep/2024",
                  "versionType": "date"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mike Zhang, an independent security researcher"
            }
          ],
          "datePublic": "2024-10-04T12:13:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u0026lt;24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."
                }
              ],
              "value": "An out-of-bounds write in the engine module in AVG/Avast Antivirus signature \u003c24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-07T11:26:43.561Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest version of virus definintions."
                }
              ],
              "value": "Upgrade to the latest version of virus definintions."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Out of Bounds write on scan of malformed eml file may crash the application",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2024-9481",
        "datePublished": "2024-10-04T12:15:14.709Z",
        "dateReserved": "2024-10-03T14:29:34.815Z",
        "dateUpdated": "2024-10-07T11:26:43.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4294 (GCVE-0-2022-4294)

    Vulnerability from cvelistv5 – Published: 2023-01-10 09:14 – Updated: 2025-04-08 14:54
    VLAI
    Title
    Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation
    Summary
    Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:34:50.109Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4294",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-08T14:53:38.976759Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-08T14:54:30.415Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Norton Antivirus Windows Eraser Engine",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 119.1.5.1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Avira Security ",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 1.1.78"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Avast Antivirus",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "Prior to 22.10"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "AVG Antivirus",
              "vendor": "NortonLifelock (GenDigital)",
              "versions": [
                {
                  "status": "affected",
                  "version": "Prior to 22.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNorton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-10T09:22:11.371Z",
            "orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
            "shortName": "NLOK"
          },
          "references": [
            {
              "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
        "assignerShortName": "NLOK",
        "cveId": "CVE-2022-4294",
        "datePublished": "2023-01-10T09:14:47.102Z",
        "dateReserved": "2022-12-05T17:46:00.115Z",
        "dateUpdated": "2025-04-08T14:54:30.415Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5522 (GCVE-0-2008-5522)

    Vulnerability from cvelistv5 – Published: 2008-12-12 18:13 – Updated: 2024-08-07 10:56
    VLAI
    Summary
    AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4723 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/499043/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/498995/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2008-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:56:46.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-antivirus-mzheader-code-execution(47435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
              },
              {
                "name": "4723",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4723"
              },
              {
                "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
              },
              {
                "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-antivirus-mzheader-code-execution(47435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
            },
            {
              "name": "4723",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4723"
            },
            {
              "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
            },
            {
              "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-antivirus-mzheader-code-execution(47435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
                },
                {
                  "name": "4723",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4723"
                },
                {
                  "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
                },
                {
                  "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5522",
        "datePublished": "2008-12-12T18:13:00.000Z",
        "dateReserved": "2008-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:56:46.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }