Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for panda_activescan by panda

    CVE-2009-3735 (GCVE-0-2009-3735)

    Vulnerability from nvd – Published: 2010-02-11 17:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0354 vdb-entryx_refsource_VUPEN
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.kb.cert.org/vuls/id/MAPG-7QPKL3 x_refsource_MISC
    http://www.securityfocus.com/bid/38067 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/869993 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/38485 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.251Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0354"
              },
              {
                "name": "MS10-008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
              },
              {
                "name": "38067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38067"
              },
              {
                "name": "VU#869993",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/869993"
              },
              {
                "name": "38485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38485"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "ADV-2010-0354",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0354"
            },
            {
              "name": "MS10-008",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
            },
            {
              "name": "38067",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38067"
            },
            {
              "name": "VU#869993",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/869993"
            },
            {
              "name": "38485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38485"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2009-3735",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0354",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0354"
                },
                {
                  "name": "MS10-008",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
                },
                {
                  "name": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3",
                  "refsource": "MISC",
                  "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
                },
                {
                  "name": "38067",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38067"
                },
                {
                  "name": "VU#869993",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/869993"
                },
                {
                  "name": "38485",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38485"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2009-3735",
        "datePublished": "2010-02-11T17:00:00.000Z",
        "dateReserved": "2009-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3155 (GCVE-0-2008-3155)

    Vulnerability from nvd – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
    VLAI
    Summary
    Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2008/2008… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/30086 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/6004 exploitx_refsource_EXPLOIT-DB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/30841 third-party-advisoryx_refsource_SECUNIA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securitytracker.com/id?1020432 vdb-entryx_refsource_SECTRACK
    http://karol.wiesek.pl/files/panda.tgz x_refsource_MISC
    Date Public
    2008-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:28:41.499Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "panda-activescan-bo(43588)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
              },
              {
                "name": "ADV-2008-2008",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2008/references"
              },
              {
                "name": "30086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30086"
              },
              {
                "name": "6004",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6004"
              },
              {
                "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
              },
              {
                "name": "30841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30841"
              },
              {
                "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
              },
              {
                "name": "1020432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1020432"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://karol.wiesek.pl/files/panda.tgz"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "panda-activescan-bo(43588)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
            },
            {
              "name": "ADV-2008-2008",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2008/references"
            },
            {
              "name": "30086",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30086"
            },
            {
              "name": "6004",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6004"
            },
            {
              "name": "20080705 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
            },
            {
              "name": "30841",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30841"
            },
            {
              "name": "20080704 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
            },
            {
              "name": "1020432",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1020432"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://karol.wiesek.pl/files/panda.tgz"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3155",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "panda-activescan-bo(43588)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
                },
                {
                  "name": "ADV-2008-2008",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2008/references"
                },
                {
                  "name": "30086",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30086"
                },
                {
                  "name": "6004",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6004"
                },
                {
                  "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
                },
                {
                  "name": "30841",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30841"
                },
                {
                  "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
                },
                {
                  "name": "1020432",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1020432"
                },
                {
                  "name": "http://karol.wiesek.pl/files/panda.tgz",
                  "refsource": "MISC",
                  "url": "http://karol.wiesek.pl/files/panda.tgz"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3155",
        "datePublished": "2008-07-11T22:00:00.000Z",
        "dateReserved": "2008-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:28:41.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3156 (GCVE-0-2008-3156)

    Vulnerability from nvd – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
    VLAI
    Summary
    The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2008/2008… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/30086 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/6004 exploitx_refsource_EXPLOIT-DB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/30841 third-party-advisoryx_refsource_SECUNIA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securitytracker.com/id?1020432 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://karol.wiesek.pl/files/panda.tgz x_refsource_MISC
    Date Public
    2008-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:28:41.440Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2008-2008",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2008/references"
              },
              {
                "name": "30086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30086"
              },
              {
                "name": "6004",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6004"
              },
              {
                "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
              },
              {
                "name": "30841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30841"
              },
              {
                "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
              },
              {
                "name": "1020432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1020432"
              },
              {
                "name": "panda-activescan-file-download(43587)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://karol.wiesek.pl/files/panda.tgz"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2008-2008",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2008/references"
            },
            {
              "name": "30086",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30086"
            },
            {
              "name": "6004",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6004"
            },
            {
              "name": "20080705 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
            },
            {
              "name": "30841",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30841"
            },
            {
              "name": "20080704 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
            },
            {
              "name": "1020432",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1020432"
            },
            {
              "name": "panda-activescan-file-download(43587)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://karol.wiesek.pl/files/panda.tgz"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3156",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2008-2008",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2008/references"
                },
                {
                  "name": "30086",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30086"
                },
                {
                  "name": "6004",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6004"
                },
                {
                  "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
                },
                {
                  "name": "30841",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30841"
                },
                {
                  "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
                },
                {
                  "name": "1020432",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1020432"
                },
                {
                  "name": "panda-activescan-file-download(43587)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
                },
                {
                  "name": "http://karol.wiesek.pl/files/panda.tgz",
                  "refsource": "MISC",
                  "url": "http://karol.wiesek.pl/files/panda.tgz"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3156",
        "datePublished": "2008-07-11T22:00:00.000Z",
        "dateReserved": "2008-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:28:41.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1670 (GCVE-0-2007-1670)

    Vulnerability from nvd – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/25152 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/1700 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/35845 vdb-entryx_refsource_OSVDB
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "25152",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25152"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "ADV-2007-1700",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1700"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "35845",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35845"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "25152",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25152"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "ADV-2007-1700",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1700"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "35845",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35845"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1670",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "25152",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25152"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "ADV-2007-1700",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1700"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "35845",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35845"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1670",
        "datePublished": "2007-05-09T00:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4295 (GCVE-0-2006-4295)

    Vulnerability from nvd – Published: 2006-08-23 01:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lostmon.blogspot.com/2006/08/panda-actives… x_refsource_MISC
    http://www.securityfocus.com/bid/19471 vdb-entryx_refsource_BID
    http://www.osvdb.org/29147 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1016696 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-08-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:06.468Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
              },
              {
                "name": "19471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19471"
              },
              {
                "name": "29147",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29147"
              },
              {
                "name": "1016696",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-12-16T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
            },
            {
              "name": "19471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19471"
            },
            {
              "name": "29147",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29147"
            },
            {
              "name": "1016696",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4295",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
                  "refsource": "MISC",
                  "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
                },
                {
                  "name": "19471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19471"
                },
                {
                  "name": "29147",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29147"
                },
                {
                  "name": "1016696",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4295",
        "datePublished": "2006-08-23T01:00:00.000Z",
        "dateReserved": "2006-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:06.468Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3922 (GCVE-0-2005-3922)

    Vulnerability from nvd – Published: 2005-11-30 11:00 – Updated: 2024-08-07 23:31
    VLAI
    Summary
    Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.rem0te.com/public/images/panda.pdf x_refsource_MISC
    http://www.vupen.com/english/advisories/2005/2666 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/15616 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17765 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/418096/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/216 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1015295 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/21256 vdb-entryx_refsource_OSVDB
    Date Public
    2005-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:31:48.018Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.rem0te.com/public/images/panda.pdf"
              },
              {
                "name": "ADV-2005-2666",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2666"
              },
              {
                "name": "15616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15616"
              },
              {
                "name": "17765",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17765"
              },
              {
                "name": "panda-antivirus-zoo-bo(23276)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
              },
              {
                "name": "20051129 Panda Remote Heap Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
              },
              {
                "name": "216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/216"
              },
              {
                "name": "1015295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015295"
              },
              {
                "name": "21256",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21256"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.rem0te.com/public/images/panda.pdf"
            },
            {
              "name": "ADV-2005-2666",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2666"
            },
            {
              "name": "15616",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15616"
            },
            {
              "name": "17765",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17765"
            },
            {
              "name": "panda-antivirus-zoo-bo(23276)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
            },
            {
              "name": "20051129 Panda Remote Heap Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
            },
            {
              "name": "216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/216"
            },
            {
              "name": "1015295",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015295"
            },
            {
              "name": "21256",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21256"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3922",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.rem0te.com/public/images/panda.pdf",
                  "refsource": "MISC",
                  "url": "http://www.rem0te.com/public/images/panda.pdf"
                },
                {
                  "name": "ADV-2005-2666",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2666"
                },
                {
                  "name": "15616",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15616"
                },
                {
                  "name": "17765",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17765"
                },
                {
                  "name": "panda-antivirus-zoo-bo(23276)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
                },
                {
                  "name": "20051129 Panda Remote Heap Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
                },
                {
                  "name": "216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/216"
                },
                {
                  "name": "1015295",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015295"
                },
                {
                  "name": "21256",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21256"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3922",
        "datePublished": "2005-11-30T11:00:00.000Z",
        "dateReserved": "2005-11-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:31:48.018Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3735 (GCVE-0-2009-3735)

    Vulnerability from cvelistv5 – Published: 2010-02-11 17:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/0354 vdb-entryx_refsource_VUPEN
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.kb.cert.org/vuls/id/MAPG-7QPKL3 x_refsource_MISC
    http://www.securityfocus.com/bid/38067 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/869993 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/38485 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-02-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.251Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-0354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0354"
              },
              {
                "name": "MS10-008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
              },
              {
                "name": "38067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38067"
              },
              {
                "name": "VU#869993",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/869993"
              },
              {
                "name": "38485",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38485"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-02-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "ADV-2010-0354",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0354"
            },
            {
              "name": "MS10-008",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
            },
            {
              "name": "38067",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38067"
            },
            {
              "name": "VU#869993",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/869993"
            },
            {
              "name": "38485",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38485"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2009-3735",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-0354",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0354"
                },
                {
                  "name": "MS10-008",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
                },
                {
                  "name": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3",
                  "refsource": "MISC",
                  "url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
                },
                {
                  "name": "38067",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38067"
                },
                {
                  "name": "VU#869993",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/869993"
                },
                {
                  "name": "38485",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38485"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2009-3735",
        "datePublished": "2010-02-11T17:00:00.000Z",
        "dateReserved": "2009-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3155 (GCVE-0-2008-3155)

    Vulnerability from cvelistv5 – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
    VLAI
    Summary
    Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2008/2008… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/30086 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/6004 exploitx_refsource_EXPLOIT-DB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/30841 third-party-advisoryx_refsource_SECUNIA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securitytracker.com/id?1020432 vdb-entryx_refsource_SECTRACK
    http://karol.wiesek.pl/files/panda.tgz x_refsource_MISC
    Date Public
    2008-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:28:41.499Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "panda-activescan-bo(43588)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
              },
              {
                "name": "ADV-2008-2008",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2008/references"
              },
              {
                "name": "30086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30086"
              },
              {
                "name": "6004",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6004"
              },
              {
                "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
              },
              {
                "name": "30841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30841"
              },
              {
                "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
              },
              {
                "name": "1020432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1020432"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://karol.wiesek.pl/files/panda.tgz"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "panda-activescan-bo(43588)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
            },
            {
              "name": "ADV-2008-2008",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2008/references"
            },
            {
              "name": "30086",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30086"
            },
            {
              "name": "6004",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6004"
            },
            {
              "name": "20080705 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
            },
            {
              "name": "30841",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30841"
            },
            {
              "name": "20080704 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
            },
            {
              "name": "1020432",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1020432"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://karol.wiesek.pl/files/panda.tgz"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3155",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "panda-activescan-bo(43588)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
                },
                {
                  "name": "ADV-2008-2008",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2008/references"
                },
                {
                  "name": "30086",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30086"
                },
                {
                  "name": "6004",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6004"
                },
                {
                  "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
                },
                {
                  "name": "30841",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30841"
                },
                {
                  "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
                },
                {
                  "name": "1020432",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1020432"
                },
                {
                  "name": "http://karol.wiesek.pl/files/panda.tgz",
                  "refsource": "MISC",
                  "url": "http://karol.wiesek.pl/files/panda.tgz"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3155",
        "datePublished": "2008-07-11T22:00:00.000Z",
        "dateReserved": "2008-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:28:41.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3156 (GCVE-0-2008-3156)

    Vulnerability from cvelistv5 – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
    VLAI
    Summary
    The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2008/2008… vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/30086 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/6004 exploitx_refsource_EXPLOIT-DB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/30841 third-party-advisoryx_refsource_SECUNIA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.securitytracker.com/id?1020432 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://karol.wiesek.pl/files/panda.tgz x_refsource_MISC
    Date Public
    2008-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:28:41.440Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2008-2008",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2008/references"
              },
              {
                "name": "30086",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30086"
              },
              {
                "name": "6004",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6004"
              },
              {
                "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
              },
              {
                "name": "30841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30841"
              },
              {
                "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
              },
              {
                "name": "1020432",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1020432"
              },
              {
                "name": "panda-activescan-file-download(43587)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://karol.wiesek.pl/files/panda.tgz"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2008-2008",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2008/references"
            },
            {
              "name": "30086",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30086"
            },
            {
              "name": "6004",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6004"
            },
            {
              "name": "20080705 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
            },
            {
              "name": "30841",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30841"
            },
            {
              "name": "20080704 Panda ActiveScan 2.0 remote code execution",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
            },
            {
              "name": "1020432",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1020432"
            },
            {
              "name": "panda-activescan-file-download(43587)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://karol.wiesek.pl/files/panda.tgz"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3156",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2008-2008",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/2008/references"
                },
                {
                  "name": "30086",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30086"
                },
                {
                  "name": "6004",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6004"
                },
                {
                  "name": "20080705 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
                },
                {
                  "name": "30841",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30841"
                },
                {
                  "name": "20080704 Panda ActiveScan 2.0 remote code execution",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
                },
                {
                  "name": "1020432",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1020432"
                },
                {
                  "name": "panda-activescan-file-download(43587)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
                },
                {
                  "name": "http://karol.wiesek.pl/files/panda.tgz",
                  "refsource": "MISC",
                  "url": "http://karol.wiesek.pl/files/panda.tgz"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3156",
        "datePublished": "2008-07-11T22:00:00.000Z",
        "dateReserved": "2008-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:28:41.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1670 (GCVE-0-2007-1670)

    Vulnerability from cvelistv5 – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/25152 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/23823 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2007/1700 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/467646/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/35845 vdb-entryx_refsource_OSVDB
    Date Public
    2007-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:25.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "multiple-vendor-zoo-dos(34080)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
              },
              {
                "name": "25152",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25152"
              },
              {
                "name": "23823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23823"
              },
              {
                "name": "ADV-2007-1700",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1700"
              },
              {
                "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
              },
              {
                "name": "35845",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35845"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "25152",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25152"
            },
            {
              "name": "23823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "ADV-2007-1700",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1700"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "35845",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35845"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1670",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "multiple-vendor-zoo-dos(34080)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
                },
                {
                  "name": "25152",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25152"
                },
                {
                  "name": "23823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23823"
                },
                {
                  "name": "ADV-2007-1700",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1700"
                },
                {
                  "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
                },
                {
                  "name": "35845",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35845"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1670",
        "datePublished": "2007-05-09T00:00:00.000Z",
        "dateReserved": "2007-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:25.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4295 (GCVE-0-2006-4295)

    Vulnerability from cvelistv5 – Published: 2006-08-23 01:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lostmon.blogspot.com/2006/08/panda-actives… x_refsource_MISC
    http://www.securityfocus.com/bid/19471 vdb-entryx_refsource_BID
    http://www.osvdb.org/29147 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1016696 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-08-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:06.468Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
              },
              {
                "name": "19471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19471"
              },
              {
                "name": "29147",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29147"
              },
              {
                "name": "1016696",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-12-16T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
            },
            {
              "name": "19471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19471"
            },
            {
              "name": "29147",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29147"
            },
            {
              "name": "1016696",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4295",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
                  "refsource": "MISC",
                  "url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
                },
                {
                  "name": "19471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19471"
                },
                {
                  "name": "29147",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29147"
                },
                {
                  "name": "1016696",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4295",
        "datePublished": "2006-08-23T01:00:00.000Z",
        "dateReserved": "2006-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:06.468Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3922 (GCVE-0-2005-3922)

    Vulnerability from cvelistv5 – Published: 2005-11-30 11:00 – Updated: 2024-08-07 23:31
    VLAI
    Summary
    Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.rem0te.com/public/images/panda.pdf x_refsource_MISC
    http://www.vupen.com/english/advisories/2005/2666 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/15616 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17765 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/418096/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/216 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1015295 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/21256 vdb-entryx_refsource_OSVDB
    Date Public
    2005-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:31:48.018Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.rem0te.com/public/images/panda.pdf"
              },
              {
                "name": "ADV-2005-2666",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2666"
              },
              {
                "name": "15616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15616"
              },
              {
                "name": "17765",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17765"
              },
              {
                "name": "panda-antivirus-zoo-bo(23276)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
              },
              {
                "name": "20051129 Panda Remote Heap Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
              },
              {
                "name": "216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/216"
              },
              {
                "name": "1015295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015295"
              },
              {
                "name": "21256",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21256"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.rem0te.com/public/images/panda.pdf"
            },
            {
              "name": "ADV-2005-2666",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2666"
            },
            {
              "name": "15616",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15616"
            },
            {
              "name": "17765",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17765"
            },
            {
              "name": "panda-antivirus-zoo-bo(23276)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
            },
            {
              "name": "20051129 Panda Remote Heap Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
            },
            {
              "name": "216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/216"
            },
            {
              "name": "1015295",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015295"
            },
            {
              "name": "21256",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21256"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3922",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.rem0te.com/public/images/panda.pdf",
                  "refsource": "MISC",
                  "url": "http://www.rem0te.com/public/images/panda.pdf"
                },
                {
                  "name": "ADV-2005-2666",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2666"
                },
                {
                  "name": "15616",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15616"
                },
                {
                  "name": "17765",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17765"
                },
                {
                  "name": "panda-antivirus-zoo-bo(23276)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
                },
                {
                  "name": "20051129 Panda Remote Heap Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
                },
                {
                  "name": "216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/216"
                },
                {
                  "name": "1015295",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015295"
                },
                {
                  "name": "21256",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21256"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3922",
        "datePublished": "2005-11-30T11:00:00.000Z",
        "dateReserved": "2005-11-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:31:48.018Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }