This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Eset Software First view 2005-09-14
Product nod32 Antivirus Last view 2007-07-25
Version 2.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:eset_software:nod32_antivirus

Activity : Overall

Related : CVE

  Date Alert Description
5 2007-07-25 CVE-2007-3972

ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.

5 2007-07-25 CVE-2007-3971

Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.

5 2007-07-25 CVE-2007-3970

Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

7.2 2006-04-07 CVE-2006-0951

The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.

7.2 2006-04-06 CVE-2006-1649

The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.

7.5 2005-09-14 CVE-2005-2903

Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Open Source Vulnerability Database (OSVDB)

id Description
37978 NOD32 Antivirus Crafted ASPACK / FSG File handling DoS
37977 NOD32 Antivirus Crafted ASPACK Packed File Handling Overflow
37976 NOD32 Antivirus CAB File Handling Arbitrary Code Execution
24394 NOD32 nod32.exe Scheduled Scan Local Privilege Escalation
24393 NOD32 Antivirus Restore To Feature Arbitrary File Creation
19223 NOD32 Antivirus ARJ Archive Filename Overflow

Snort® IPS/IDS

Date Description
2014-01-10 NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt
RuleID : 17356 - Type : FILE-OTHER - Revision : 12

Nessus® Vulnerability Scanner

id Description
2007-07-23 Name: The remote Windows host has an application that is affected by multiple issues.
File: nod32_2289.nasl - Type: ACT_GATHER_INFO
2006-05-27 Name: The remote Windows host contains an application that is subject to a local pr...
File: nod32_local_file_creation.nasl - Type: ACT_GATHER_INFO
2005-09-14 Name: The remote Windows application is prone to a buffer overflow attack.
File: nod32_arj_overflow.nasl - Type: ACT_GATHER_INFO