VYPR

Smart Security

by Eset

CVEs (7)

  • CVE-2010-5160MedAug 25, 2012
    risk 0.29cvss 4.5epss 0.00

    Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory…

  • CVE-2008-7107Aug 28, 2009
    risk 0.03cvss epss 0.01

    easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface.

  • CVE-2008-5724Dec 26, 2008
    risk 0.03cvss epss 0.01

    The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.

  • CVE-2020-10180Mar 5, 2020
    risk 0.00cvss epss 0.02

    The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for…

  • CVE-2020-9264Feb 18, 2020
    risk 0.00cvss epss 0.01

    ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security…

  • CVE-2014-4973Sep 23, 2014
    risk 0.00cvss epss 0.01

    The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL…

  • CVE-2008-5527Dec 12, 2008
    risk 0.00cvss epss 0.02

    ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a…