Search
Find a vulnerability
Search criteria
12 vulnerabilities found for panda_activescan by panda
CVE-2009-3735 (GCVE-0-2009-3735)
Vulnerability from nvd – Published: 2010-02-11 17:00 – Updated: 2024-08-07 06:38
VLAI
Summary
The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0354 | vdb-entryx_refsource_VUPEN |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| http://www.kb.cert.org/vuls/id/MAPG-7QPKL3 | x_refsource_MISC |
| http://www.securityfocus.com/bid/38067 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/869993 | third-party-advisoryx_refsource_CERT-VN |
| http://secunia.com/advisories/38485 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-02-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "ADV-2010-0354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-3735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0354",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-3735",
"datePublished": "2010-02-11T17:00:00.000Z",
"dateReserved": "2009-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:38:30.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3155 (GCVE-0-2008-3155)
Vulnerability from nvd – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
VLAI
Summary
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2008/2008… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/30086 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/6004 | exploitx_refsource_EXPLOIT-DB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/30841 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id?1020432 | vdb-entryx_refsource_SECTRACK |
| http://karol.wiesek.pl/files/panda.tgz | x_refsource_MISC |
Date Public
2008-07-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "panda-activescan-bo(43588)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "panda-activescan-bo(43588)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "panda-activescan-bo(43588)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "http://karol.wiesek.pl/files/panda.tgz",
"refsource": "MISC",
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3155",
"datePublished": "2008-07-11T22:00:00.000Z",
"dateReserved": "2008-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3156 (GCVE-0-2008-3156)
Vulnerability from nvd – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
VLAI
Summary
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/2008… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/30086 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/6004 | exploitx_refsource_EXPLOIT-DB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/30841 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id?1020432 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://karol.wiesek.pl/files/panda.tgz | x_refsource_MISC |
Date Public
2008-07-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2008",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"name": "http://karol.wiesek.pl/files/panda.tgz",
"refsource": "MISC",
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3156",
"datePublished": "2008-07-11T22:00:00.000Z",
"dateReserved": "2008-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1670 (GCVE-0-2007-1670)
Vulnerability from nvd – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
VLAI
Summary
Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/25152 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/23823 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/1700 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/467646/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/35845 | vdb-entryx_refsource_OSVDB |
Date Public
2007-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"refsource": "OSVDB",
"url": "http://osvdb.org/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1670",
"datePublished": "2007-05-09T00:00:00.000Z",
"dateReserved": "2007-03-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:06:25.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4295 (GCVE-0-2006-4295)
Vulnerability from nvd – Published: 2006-08-23 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lostmon.blogspot.com/2006/08/panda-actives… | x_refsource_MISC |
| http://www.securityfocus.com/bid/19471 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/29147 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1016696 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-08-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:06.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-16T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4295",
"datePublished": "2006-08-23T01:00:00.000Z",
"dateReserved": "2006-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:06.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3922 (GCVE-0-2005-3922)
Vulnerability from nvd – Published: 2005-11-30 11:00 – Updated: 2024-08-07 23:31
VLAI
Summary
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.rem0te.com/public/images/panda.pdf | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2666 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/15616 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/17765 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/418096/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/216 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1015295 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/21256 | vdb-entryx_refsource_OSVDB |
Date Public
2005-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:48.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rem0te.com/public/images/panda.pdf",
"refsource": "MISC",
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3922",
"datePublished": "2005-11-30T11:00:00.000Z",
"dateReserved": "2005-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:31:48.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3735 (GCVE-0-2009-3735)
Vulnerability from cvelistv5 – Published: 2010-02-11 17:00 – Updated: 2024-08-07 06:38
VLAI
Summary
The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0354 | vdb-entryx_refsource_VUPEN |
| https://docs.microsoft.com/en-us/security-updates… | vendor-advisoryx_refsource_MS |
| http://www.kb.cert.org/vuls/id/MAPG-7QPKL3 | x_refsource_MISC |
| http://www.securityfocus.com/bid/38067 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/869993 | third-party-advisoryx_refsource_CERT-VN |
| http://secunia.com/advisories/38485 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-02-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "ADV-2010-0354",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-3735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\u0027s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0354",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0354"
},
{
"name": "MS10-008",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-008"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7QPKL3"
},
{
"name": "38067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38067"
},
{
"name": "VU#869993",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/869993"
},
{
"name": "38485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-3735",
"datePublished": "2010-02-11T17:00:00.000Z",
"dateReserved": "2009-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:38:30.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3155 (GCVE-0-2008-3155)
Vulnerability from cvelistv5 – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
VLAI
Summary
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2008/2008… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/30086 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/6004 | exploitx_refsource_EXPLOIT-DB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/30841 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id?1020432 | vdb-entryx_refsource_SECTRACK |
| http://karol.wiesek.pl/files/panda.tgz | x_refsource_MISC |
Date Public
2008-07-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "panda-activescan-bo(43588)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "panda-activescan-bo(43588)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "panda-activescan-bo(43588)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43588"
},
{
"name": "ADV-2008-2008",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "http://karol.wiesek.pl/files/panda.tgz",
"refsource": "MISC",
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3155",
"datePublished": "2008-07-11T22:00:00.000Z",
"dateReserved": "2008-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3156 (GCVE-0-2008-3156)
Vulnerability from cvelistv5 – Published: 2008-07-11 22:00 – Updated: 2024-08-07 09:28
VLAI
Summary
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/2008… | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/30086 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/6004 | exploitx_refsource_EXPLOIT-DB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/30841 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id?1020432 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://karol.wiesek.pl/files/panda.tgz | x_refsource_MISC |
Date Public
2008-07-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-2008",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2008",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2008/references"
},
{
"name": "30086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30086"
},
{
"name": "6004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6004"
},
{
"name": "20080705 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063061.html"
},
{
"name": "30841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30841"
},
{
"name": "20080704 Panda ActiveScan 2.0 remote code execution",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063068.html"
},
{
"name": "1020432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020432"
},
{
"name": "panda-activescan-file-download(43587)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43587"
},
{
"name": "http://karol.wiesek.pl/files/panda.tgz",
"refsource": "MISC",
"url": "http://karol.wiesek.pl/files/panda.tgz"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3156",
"datePublished": "2008-07-11T22:00:00.000Z",
"dateReserved": "2008-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1670 (GCVE-0-2007-1670)
Vulnerability from cvelistv5 – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06
VLAI
Summary
Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/25152 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/23823 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/1700 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/467646/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/35845 | vdb-entryx_refsource_OSVDB |
Date Public
2007-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-vendor-zoo-dos(34080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
},
{
"name": "25152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25152"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "ADV-2007-1700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1700"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "35845",
"refsource": "OSVDB",
"url": "http://osvdb.org/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1670",
"datePublished": "2007-05-09T00:00:00.000Z",
"dateReserved": "2007-03-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:06:25.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4295 (GCVE-0-2006-4295)
Vulnerability from cvelistv5 – Published: 2006-08-23 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lostmon.blogspot.com/2006/08/panda-actives… | x_refsource_MISC |
| http://www.securityfocus.com/bid/19471 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/29147 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1016696 | vdb-entryx_refsource_SECTRACK |
Date Public
2006-08-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:06.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-16T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name": "19471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name": "29147",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29147"
},
{
"name": "1016696",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4295",
"datePublished": "2006-08-23T01:00:00.000Z",
"dateReserved": "2006-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:06.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3922 (GCVE-0-2005-3922)
Vulnerability from cvelistv5 – Published: 2005-11-30 11:00 – Updated: 2024-08-07 23:31
VLAI
Summary
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.rem0te.com/public/images/panda.pdf | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/2666 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/15616 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/17765 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/418096/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/216 | third-party-advisoryx_refsource_SREASON |
| http://securitytracker.com/id?1015295 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/21256 | vdb-entryx_refsource_OSVDB |
Date Public
2005-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:48.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rem0te.com/public/images/panda.pdf",
"refsource": "MISC",
"url": "http://www.rem0te.com/public/images/panda.pdf"
},
{
"name": "ADV-2005-2666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2666"
},
{
"name": "15616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15616"
},
{
"name": "17765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17765"
},
{
"name": "panda-antivirus-zoo-bo(23276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23276"
},
{
"name": "20051129 Panda Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418096/100/0/threaded"
},
{
"name": "216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/216"
},
{
"name": "1015295",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015295"
},
{
"name": "21256",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3922",
"datePublished": "2005-11-30T11:00:00.000Z",
"dateReserved": "2005-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:31:48.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}