VYPR

Vendor CVEs

Eset

All CVEs

62 total · sorted by risk
  • CVE-2008-5527Dec 12, 2008
    risk 0.00cvss epss 0.02

    ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a…

  • CVE-2008-5425Dec 11, 2008
    risk 0.00cvss epss 0.02

    ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other…

  • CVE-2007-3971Jul 25, 2007
    risk 0.00cvss epss 0.03

    Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.

  • CVE-2007-3972Jul 25, 2007
    risk 0.00cvss epss 0.03

    ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.

  • CVE-2007-3970Jul 25, 2007
    risk 0.00cvss epss 0.06

    Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

  • CVE-2006-6676Dec 21, 2006
    risk 0.00cvss epss 0.06

    Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.

  • CVE-2006-6677Dec 21, 2006
    risk 0.00cvss epss 0.02

    ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.

  • CVE-2006-0951Apr 8, 2006
    risk 0.00cvss epss 0.00

    The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.

  • CVE-2006-1649Apr 6, 2006
    risk 0.00cvss epss 0.00

    The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.

  • CVE-2005-3212Oct 14, 2005
    risk 0.00cvss epss 0.02

    Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar…

  • CVE-2005-2903Sep 14, 2005
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.

  • CVE-2003-0062Feb 19, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name.

Page 2 of 2