Vulnerabilities > Bitdefender

DATE CVE VULNERABILITY TITLE RISK
2012-03-21 CVE-2012-1430 Permissions, Privileges, and Access Controls vulnerability in multiple products
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location.
4.3
2009-04-07 CVE-2008-6661 Numeric Errors vulnerability in Bitdefender Antivirus
Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file.
network
low complexity
bitdefender linux CWE-189
5.0
2009-03-09 CVE-2009-0850 Cross-Site Scripting vulnerability in Bitdefender Internet Security 2009
Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, as demonstrated by a filename inside a (1) rar or (2) zip archive file.
4.3
2008-12-10 CVE-2008-5409 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter.
9.3
2008-04-30 CVE-2008-1735 Denial of Service vulnerability in Bitdefender Antivirus 2008
BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function.
local
low complexity
bitdefender
4.9
2008-01-23 CVE-2008-0396 Path Traversal vulnerability in Bitdefender Update Server
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via ..
network
low complexity
bitdefender CWE-22
7.8
2007-11-30 CVE-2007-6189 Buffer Errors vulnerability in Bitdefender Online Anti-Virus Scanner 8.0
A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow.
network
bitdefender CWE-119
critical
9.3
2007-11-01 CVE-2007-5775 Buffer Overflow vulnerability in BitDefender Online Scanner OScan.OCX ActiveX Control Heap
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024.
network
bitdefender
critical
9.3
2007-01-19 CVE-2007-0391 Local Format String vulnerability in Bitdefender Client Professional Plus 8.02
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings.
local
low complexity
bitdefender
7.2