Vendor CVEs
Eset
All CVEs
62 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-5527 | 0.00 | — | 0.02 | Dec 12, 2008 | ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a… | |||
| CVE-2008-5425 | 0.00 | — | 0.02 | Dec 11, 2008 | ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other… | |||
| CVE-2007-3971 | 0.00 | — | 0.03 | Jul 25, 2007 | Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop. | |||
| CVE-2007-3972 | 0.00 | — | 0.03 | Jul 25, 2007 | ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error. | |||
| CVE-2007-3970 | 0.00 | — | 0.06 | Jul 25, 2007 | Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption. | |||
| CVE-2006-6676 | 0.00 | — | 0.06 | Dec 21, 2006 | Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow. | |||
| CVE-2006-6677 | 0.00 | — | 0.02 | Dec 21, 2006 | ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error. | |||
| CVE-2006-0951 | 0.00 | — | 0.00 | Apr 8, 2006 | The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. | |||
| CVE-2006-1649 | 0.00 | — | 0.00 | Apr 6, 2006 | The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. | |||
| CVE-2005-3212 | 0.00 | — | 0.02 | Oct 14, 2005 | Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar… | |||
| CVE-2005-2903 | 0.00 | — | 0.04 | Sep 14, 2005 | Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. | |||
| CVE-2003-0062 | 0.00 | — | 0.01 | Feb 19, 2003 | Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. |
- CVE-2008-5527Dec 12, 2008risk 0.00cvss —epss 0.02
ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a…
- CVE-2008-5425Dec 11, 2008risk 0.00cvss —epss 0.02
ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other…
- CVE-2007-3971Jul 25, 2007risk 0.00cvss —epss 0.03
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.
- CVE-2007-3972Jul 25, 2007risk 0.00cvss —epss 0.03
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.
- CVE-2007-3970Jul 25, 2007risk 0.00cvss —epss 0.06
Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.
- CVE-2006-6676Dec 21, 2006risk 0.00cvss —epss 0.06
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
- CVE-2006-6677Dec 21, 2006risk 0.00cvss —epss 0.02
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
- CVE-2006-0951Apr 8, 2006risk 0.00cvss —epss 0.00
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
- CVE-2006-1649Apr 6, 2006risk 0.00cvss —epss 0.00
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
- CVE-2005-3212Oct 14, 2005risk 0.00cvss —epss 0.02
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar…
- CVE-2005-2903Sep 14, 2005risk 0.00cvss —epss 0.04
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
- CVE-2003-0062Feb 19, 2003risk 0.00cvss —epss 0.01
Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name.
Page 2 of 2