Unrated severityNVD Advisory· Published Oct 5, 2005· Updated Apr 16, 2026

CVE-2005-3154

Description

Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.

Affected products

Softwin/Bitdefender3 versions
cpe:2.3:a:softwin:bitdefender:7.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:softwin:bitdefender:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:softwin:bitdefender:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:softwin:bitdefender:9.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityreason.com/securityalert/45nvdThird Party Advisory
www.securityfocus.com/bid/14968nvdThird Party Advisory
kb.bitdefender.com/KB261-en--Filename-Format-String-Vulnerability.htmlnvdBroken Link
secunia.com/advisories/16991nvdPermissions Required
shadock.net/secubox/BitDefenderLoggingFunc.htmlnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000