This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Eset Software First view 2005-01-10
Product nod32 Antivirus Last view 2007-07-25
Version 1.0.13 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:eset_software:nod32_antivirus

Activity : Overall

Related : CVE

  Date Alert Description
5 2007-07-25 CVE-2007-3972

ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.

5 2007-07-25 CVE-2007-3971

Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.

5 2007-07-25 CVE-2007-3970

Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

2.6 2006-12-20 CVE-2006-6677

ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.

9.3 2006-12-20 CVE-2006-6676

Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.

7.2 2006-04-06 CVE-2006-1649

The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.

7.5 2005-02-09 CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-27 CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-27 CVE-2004-0935

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-27 CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-27 CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-27 CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

7.5 2005-01-10 CVE-2004-1096

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-189 Numeric Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Open Source Vulnerability Database (OSVDB)

id Description
37978 NOD32 Antivirus Crafted ASPACK / FSG File handling DoS
37977 NOD32 Antivirus Crafted ASPACK Packed File Handling Overflow
37976 NOD32 Antivirus CAB File Handling Arbitrary Code Execution
32081 NOD32 Antivirus CHM Parser Overflow
32080 NOD32 Antivirus OLE2 Parsing Overflow
32079 NOD32 Antivirus CHM File Handling DoS
24393 NOD32 Antivirus Restore To Feature Arbitrary File Creation
10963 Multiple Anti-Virus Zero Compressed Size Header Detection Bypass

ExploitDB Exploits

id Description
629 Multiple AntiVirus (zip file) Detection Bypass Exploit

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-31 (Archive::Zip)
File : nvt/glsa_200410_31.nasl
2008-09-04 Name : FreeBSD Ports: p5-Archive-Zip
File : nvt/freebsd_p5-Archive-Zip.nasl

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Internet Explorer RAV Online Scanner ActiveX object access
RuleID : 4188 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 Multiple products ZIP archive virus detection bypass attempt
RuleID : 27048 - Type : FILE-OTHER - Revision : 2
2014-01-10 Multiple products ZIP archive virus detection bypass attempt
RuleID : 26989 - Type : FILE-OTHER - Revision : 7
2014-01-10 Multiple products ZIP archive virus detection bypass attempt
RuleID : 26926 - Type : FILE-OTHER - Revision : 8

Nessus® Vulnerability Scanner

id Description
2007-07-23 Name: The remote Windows host has an application that is affected by multiple issues.
File: nod32_2289.nasl - Type: ACT_GATHER_INFO
2006-12-20 Name: The remote Windows host has an application that is affected by multiple issues.
File: nod32_11743.nasl - Type: ACT_GATHER_INFO
2006-05-27 Name: The remote Windows host contains an application that is subject to a local pr...
File: nod32_local_file_creation.nasl - Type: ACT_GATHER_INFO
2004-11-02 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2004-118.nasl - Type: ACT_GATHER_INFO
2004-11-01 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200410-31.nasl - Type: ACT_GATHER_INFO