Drweb
Products
6- 5 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-5159 | Hig | 0.46 | 7.0 | 0.00 | Aug 25, 2012 | Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space… | ||
| CVE-2012-1453 | 0.08 | — | 0.98 | Mar 21, 2012 | The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus… | |||
| CVE-2012-1454 | 0.07 | — | 0.88 | Mar 21, 2012 | The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified… | |||
| CVE-2012-1447 | 0.05 | — | 0.68 | Mar 21, 2012 | The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. NOTE: this may later be SPLIT into multiple CVEs if… | |||
| CVE-2006-4438 | 0.04 | — | 0.10 | Sep 20, 2006 | Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name. | |||
| CVE-2020-23967 | 0.00 | — | 0.00 | Mar 8, 2021 | Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate. | |||
| CVE-2008-5526 | 0.00 | — | 0.03 | Dec 12, 2008 | DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension,… | |||
| CVE-2005-3373 | 0.00 | — | 0.01 | Oct 30, 2005 | Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be… | |||
| CVE-2005-3218 | 0.00 | — | 0.02 | Oct 14, 2005 | Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar… |
- risk 0.46cvss 7.0epss 0.00
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space…
- CVE-2012-1453Mar 21, 2012risk 0.08cvss —epss 0.98
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus…
- CVE-2012-1454Mar 21, 2012risk 0.07cvss —epss 0.88
The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified…
- CVE-2012-1447Mar 21, 2012risk 0.05cvss —epss 0.68
The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. NOTE: this may later be SPLIT into multiple CVEs if…
- CVE-2006-4438Sep 20, 2006risk 0.04cvss —epss 0.10
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.
- CVE-2020-23967Mar 8, 2021risk 0.00cvss —epss 0.00
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.
- CVE-2008-5526Dec 12, 2008risk 0.00cvss —epss 0.03
DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension,…
- CVE-2005-3373Oct 30, 2005risk 0.00cvss —epss 0.01
Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be…
- CVE-2005-3218Oct 14, 2005risk 0.00cvss —epss 0.02
Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar…