Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for avast_antivirus by avast

    CVE-2015-5662 (GCVE-0-2015-5662)

    Vulnerability from nvd – Published: 2015-10-18 10:00 – Updated: 2024-08-06 06:59
    VLAI
    Summary
    Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160 third-party-advisoryx_refsource_JVNDB
    http://www.securitytracker.com/id/1033860 vdb-entryx_refsource_SECTRACK
    http://jvn.jp/en/jp/JVN25576608/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2015-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:59:03.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2015-000160",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
              },
              {
                "name": "1033860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1033860"
              },
              {
                "name": "JVN#25576608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-06T18:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVNDB-2015-000160",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
            },
            {
              "name": "1033860",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1033860"
            },
            {
              "name": "JVN#25576608",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2015-5662",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2015-000160",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
                },
                {
                  "name": "1033860",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1033860"
                },
                {
                  "name": "JVN#25576608",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2015-5662",
        "datePublished": "2015-10-18T10:00:00.000Z",
        "dateReserved": "2015-07-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:59:03.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-6846 (GCVE-0-2008-6846)

    Vulnerability from nvd – Published: 2009-07-02 10:00 – Updated: 2024-08-07 11:42
    VLAI
    Summary
    Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:42:00.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "52016",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/52016"
              },
              {
                "name": "32747",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32747"
              },
              {
                "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
              },
              {
                "name": "ADV-2008-3460",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/3460"
              },
              {
                "name": "avast-home-iso-rpm-bo(47251)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "52016",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/52016"
            },
            {
              "name": "32747",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32747"
            },
            {
              "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
            },
            {
              "name": "ADV-2008-3460",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/3460"
            },
            {
              "name": "avast-home-iso-rpm-bo(47251)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-6846",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "52016",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/52016"
                },
                {
                  "name": "32747",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32747"
                },
                {
                  "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
                },
                {
                  "name": "ADV-2008-3460",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/3460"
                },
                {
                  "name": "avast-home-iso-rpm-bo(47251)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
                },
                {
                  "name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html",
                  "refsource": "MISC",
                  "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-6846",
        "datePublished": "2009-07-02T10:00:00.000Z",
        "dateReserved": "2009-07-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:42:00.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5523 (GCVE-0-2008-5523)

    Vulnerability from nvd – Published: 2008-12-12 18:13 – Updated: 2024-08-07 10:56
    VLAI
    Summary
    avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4723 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/499043/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/498995/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2008-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:56:47.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-antivirus-mzheader-code-execution(47435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
              },
              {
                "name": "4723",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4723"
              },
              {
                "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
              },
              {
                "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-antivirus-mzheader-code-execution(47435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
            },
            {
              "name": "4723",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4723"
            },
            {
              "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
            },
            {
              "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5523",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-antivirus-mzheader-code-execution(47435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
                },
                {
                  "name": "4723",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4723"
                },
                {
                  "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
                },
                {
                  "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5523",
        "datePublished": "2008-12-12T18:13:00.000Z",
        "dateReserved": "2008-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:56:47.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2845 (GCVE-0-2007-2845)

    Vulnerability from nvd – Published: 2007-05-24 18:00 – Updated: 2024-08-07 13:57
    VLAI
    Summary
    Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around".
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=full-disclosure&m=11800032141… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/469469/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/25380 third-party-advisoryx_refsource_SECUNIA
    http://www.avast.com/eng/adnm-management-client-r… x_refsource_CONFIRM
    http://osvdb.org/36523 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/id?1018108 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/24132 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/1935 vdb-entryx_refsource_VUPEN
    Date Public
    2007-05-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:57:53.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
              },
              {
                "name": "avast-cab-bo(34477)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
              },
              {
                "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
              },
              {
                "name": "25380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25380"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
              },
              {
                "name": "36523",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36523"
              },
              {
                "name": "1018108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018108"
              },
              {
                "name": "24132",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24132"
              },
              {
                "name": "ADV-2007-1935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1935"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
            },
            {
              "name": "avast-cab-bo(34477)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
            },
            {
              "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
            },
            {
              "name": "25380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25380"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
            },
            {
              "name": "36523",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36523"
            },
            {
              "name": "1018108",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018108"
            },
            {
              "name": "24132",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24132"
            },
            {
              "name": "ADV-2007-1935",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1935"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2845",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
                },
                {
                  "name": "avast-cab-bo(34477)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
                },
                {
                  "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
                },
                {
                  "name": "25380",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25380"
                },
                {
                  "name": "http://www.avast.com/eng/adnm-management-client-revision-history.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
                },
                {
                  "name": "36523",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36523"
                },
                {
                  "name": "1018108",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018108"
                },
                {
                  "name": "24132",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24132"
                },
                {
                  "name": "ADV-2007-1935",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1935"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2845",
        "datePublished": "2007-05-24T18:00:00.000Z",
        "dateReserved": "2007-05-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:57:53.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1673 (GCVE-0-2007-1673)

    Vulnerability from nvd – Published: 2007-05-09 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.amavis.org/security/asa-2007-2.txt x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36208 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25315 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/2680 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.amavis.org/security/asa-2007-2.txt"
              },
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "36208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36208"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "25315",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25315"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "2680",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.amavis.org/security/asa-2007-2.txt"
            },
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "36208",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36208"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "25315",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25315"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "2680",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2680"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1673",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.amavis.org/security/asa-2007-2.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.amavis.org/security/asa-2007-2.txt"
                },
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "36208",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36208"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "25315",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25315"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "2680",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2680"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1673",
        "datePublished": "2007-05-09T01:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1672 (GCVE-0-2007-1672)

    Vulnerability from nvd – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25137 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/1701 vdb-entryx_refsource_VUPEN
    http://osvdb.org/35794 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2680 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "25137",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25137"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "ADV-2007-1701",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1701"
              },
              {
                "name": "35794",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35794"
              },
              {
                "name": "2680",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "25137",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25137"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "ADV-2007-1701",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1701"
            },
            {
              "name": "35794",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35794"
            },
            {
              "name": "2680",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2680"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1672",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "25137",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25137"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "ADV-2007-1701",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1701"
                },
                {
                  "name": "35794",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35794"
                },
                {
                  "name": "2680",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2680"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1672",
        "datePublished": "2007-05-09T00:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5662 (GCVE-0-2015-5662)

    Vulnerability from cvelistv5 – Published: 2015-10-18 10:00 – Updated: 2024-08-06 06:59
    VLAI
    Summary
    Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160 third-party-advisoryx_refsource_JVNDB
    http://www.securitytracker.com/id/1033860 vdb-entryx_refsource_SECTRACK
    http://jvn.jp/en/jp/JVN25576608/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2015-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:59:03.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2015-000160",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
              },
              {
                "name": "1033860",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1033860"
              },
              {
                "name": "JVN#25576608",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-06T18:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVNDB-2015-000160",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
            },
            {
              "name": "1033860",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1033860"
            },
            {
              "name": "JVN#25576608",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2015-5662",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2015-000160",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000160"
                },
                {
                  "name": "1033860",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1033860"
                },
                {
                  "name": "JVN#25576608",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN25576608/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2015-5662",
        "datePublished": "2015-10-18T10:00:00.000Z",
        "dateReserved": "2015-07-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:59:03.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-6846 (GCVE-0-2008-6846)

    Vulnerability from cvelistv5 – Published: 2009-07-02 10:00 – Updated: 2024-08-07 11:42
    VLAI
    Summary
    Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:42:00.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "52016",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/52016"
              },
              {
                "name": "32747",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32747"
              },
              {
                "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
              },
              {
                "name": "ADV-2008-3460",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/3460"
              },
              {
                "name": "avast-home-iso-rpm-bo(47251)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "52016",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/52016"
            },
            {
              "name": "32747",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32747"
            },
            {
              "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
            },
            {
              "name": "ADV-2008-3460",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/3460"
            },
            {
              "name": "avast-home-iso-rpm-bo(47251)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-6846",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "52016",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/52016"
                },
                {
                  "name": "32747",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32747"
                },
                {
                  "name": "20081210 [IVIZ-08-013] Avast antivirus for Linux multiple vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499080/100/0/threaded"
                },
                {
                  "name": "ADV-2008-3460",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/3460"
                },
                {
                  "name": "avast-home-iso-rpm-bo(47251)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47251"
                },
                {
                  "name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html",
                  "refsource": "MISC",
                  "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08013.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-6846",
        "datePublished": "2009-07-02T10:00:00.000Z",
        "dateReserved": "2009-07-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:42:00.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5523 (GCVE-0-2008-5523)

    Vulnerability from cvelistv5 – Published: 2008-12-12 18:13 – Updated: 2024-08-07 10:56
    VLAI
    Summary
    avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/4723 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/499043/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/498995/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2008-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:56:47.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-antivirus-mzheader-code-execution(47435)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
              },
              {
                "name": "4723",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4723"
              },
              {
                "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
              },
              {
                "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-antivirus-mzheader-code-execution(47435)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
            },
            {
              "name": "4723",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4723"
            },
            {
              "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
            },
            {
              "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5523",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-antivirus-mzheader-code-execution(47435)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
                },
                {
                  "name": "4723",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4723"
                },
                {
                  "name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
                },
                {
                  "name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5523",
        "datePublished": "2008-12-12T18:13:00.000Z",
        "dateReserved": "2008-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:56:47.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2845 (GCVE-0-2007-2845)

    Vulnerability from cvelistv5 – Published: 2007-05-24 18:00 – Updated: 2024-08-07 13:57
    VLAI
    Summary
    Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around".
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=full-disclosure&m=11800032141… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/469469/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/25380 third-party-advisoryx_refsource_SECUNIA
    http://www.avast.com/eng/adnm-management-client-r… x_refsource_CONFIRM
    http://osvdb.org/36523 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/id?1018108 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/24132 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/1935 vdb-entryx_refsource_VUPEN
    Date Public
    2007-05-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:57:53.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
              },
              {
                "name": "avast-cab-bo(34477)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
              },
              {
                "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
              },
              {
                "name": "25380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25380"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
              },
              {
                "name": "36523",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36523"
              },
              {
                "name": "1018108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018108"
              },
              {
                "name": "24132",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24132"
              },
              {
                "name": "ADV-2007-1935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1935"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
            },
            {
              "name": "avast-cab-bo(34477)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
            },
            {
              "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
            },
            {
              "name": "25380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25380"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
            },
            {
              "name": "36523",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36523"
            },
            {
              "name": "1018108",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018108"
            },
            {
              "name": "24132",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24132"
            },
            {
              "name": "ADV-2007-1935",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1935"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2845",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an \"integer cast around\"."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=118000321419384\u0026w=2"
                },
                {
                  "name": "avast-cab-bo(34477)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34477"
                },
                {
                  "name": "20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing Arbitrary Code Execution Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/469469/100/0/threaded"
                },
                {
                  "name": "25380",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25380"
                },
                {
                  "name": "http://www.avast.com/eng/adnm-management-client-revision-history.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.avast.com/eng/adnm-management-client-revision-history.html"
                },
                {
                  "name": "36523",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36523"
                },
                {
                  "name": "1018108",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018108"
                },
                {
                  "name": "24132",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24132"
                },
                {
                  "name": "ADV-2007-1935",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1935"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2845",
        "datePublished": "2007-05-24T18:00:00.000Z",
        "dateReserved": "2007-05-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:57:53.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1673 (GCVE-0-2007-1673)

    Vulnerability from cvelistv5 – Published: 2007-05-09 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.amavis.org/security/asa-2007-2.txt x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/36208 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25315 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/2680 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.amavis.org/security/asa-2007-2.txt"
              },
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "36208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36208"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "25315",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25315"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "2680",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.amavis.org/security/asa-2007-2.txt"
            },
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "36208",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36208"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "25315",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25315"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "2680",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2680"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1673",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.amavis.org/security/asa-2007-2.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.amavis.org/security/asa-2007-2.txt"
                },
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "36208",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36208"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "25315",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25315"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "2680",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2680"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1673",
        "datePublished": "2007-05-09T01:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1672 (GCVE-0-2007-1672)

    Vulnerability from cvelistv5 – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25137 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/1701 vdb-entryx_refsource_VUPEN
    http://osvdb.org/35794 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2680 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "25137",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25137"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "ADV-2007-1701",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1701"
              },
              {
                "name": "35794",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35794"
              },
              {
                "name": "2680",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "25137",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25137"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "ADV-2007-1701",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1701"
            },
            {
              "name": "35794",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35794"
            },
            {
              "name": "2680",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2680"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1672",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "25137",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25137"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "ADV-2007-1701",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1701"
                },
                {
                  "name": "35794",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35794"
                },
                {
                  "name": "2680",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2680"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1672",
        "datePublished": "2007-05-09T00:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }