Anti.virus
by Ikarus
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14961 | Hig | 0.54 | 7.8 | 0.02 | Nov 15, 2017 | In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. | ||
| CVE-2017-15643 | Hig | 0.52 | 7.4 | 0.06 | Oct 19, 2017 | An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first… | ||
| CVE-2017-14969 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114. | ||
| CVE-2017-14968 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113. | ||
| CVE-2017-14967 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080. | ||
| CVE-2017-14966 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0. | ||
| CVE-2017-14965 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000cc. | ||
| CVE-2017-14964 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c. | ||
| CVE-2017-14963 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000058. | ||
| CVE-2017-14962 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Out of Bounds Write vulnerability because of not validating input values from IOCtl 0x83000058, a related issue to CVE-2017-17112. | ||
| CVE-2017-17804 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084. | ||
| CVE-2017-17797 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000058. | ||
| CVE-2017-17795 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000088. | ||
| CVE-2017-17114 | Hig | 0.51 | 7.8 | 0.00 | Dec 4, 2017 | ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request. | ||
| CVE-2017-17112 | Hig | 0.51 | 7.8 | 0.00 | Dec 4, 2017 | ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request. | ||
| CVE-2017-17113 | Med | 0.36 | 5.5 | 0.00 | Dec 4, 2017 | ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request. | ||
| CVE-2008-5532 | 0.00 | — | 0.02 | Dec 12, 2008 | Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no… | |||
| CVE-2005-3375 | 0.00 | — | 0.02 | Oct 30, 2005 | Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still… | |||
| CVE-2005-3228 | 0.00 | — | 0.02 | Oct 14, 2005 | Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar… |
- risk 0.54cvss 7.8epss 0.02
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
- risk 0.52cvss 7.4epss 0.06
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first…
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000cc.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000058.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Out of Bounds Write vulnerability because of not validating input values from IOCtl 0x83000058, a related issue to CVE-2017-17112.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000058.
- risk 0.51cvss 7.8epss 0.00
In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000088.
- risk 0.51cvss 7.8epss 0.00
ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request.
- risk 0.51cvss 7.8epss 0.00
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request.
- risk 0.36cvss 5.5epss 0.00
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request.
- CVE-2008-5532Dec 12, 2008risk 0.00cvss —epss 0.02
Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no…
- CVE-2005-3375Oct 30, 2005risk 0.00cvss —epss 0.02
Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still…
- CVE-2005-3228Oct 14, 2005risk 0.00cvss —epss 0.02
Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar…