Vulnerabilities > CVE-2007-2852 - Unspecified vulnerability in Eset Software Nod32 Antivirus 2.70.37.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN eset-software
nessus
Summary
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows |
| NASL id | NOD32_2_70_37_0.NASL |
| description | The version of NOD32 installed on the remote host reportedly contains two stack overflow vulnerabilities that can be triggered when the application tries to delete, disinfect, or rename an infected file in a specially-formatted directory. A remote attacker may be able to leverage these issues to execute code remotely or crash the affected service. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25293 |
| published | 2007-05-23 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25293 |
| title | NOD32 Antivirus Directory Name Handling Multiple Operation Overflows |
References
- http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt
- http://www.eset.com/support/news.php
- http://www.securityfocus.com/bid/24098
- http://secunia.com/advisories/25375
- http://securityreason.com/securityalert/2733
- http://www.vupen.com/english/advisories/2007/1911
- http://osvdb.org/36650
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34454
- http://www.securityfocus.com/archive/1/469468/100/0/threaded
- http://www.securityfocus.com/archive/1/469337/100/0/threaded
- http://www.securityfocus.com/archive/1/469300/100/0/threaded