Vulnerabilities > Eset Software

DATE CVE VULNERABILITY TITLE RISK
2008-10-06 CVE-2008-4451 Permissions, Privileges, and Access Controls vulnerability in Eset Software System Analyzer Tool 1.1.1.0
The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer.
local
low complexity
eset-software CWE-264
7.2
2007-05-24 CVE-2007-2852 Buffer Overflow vulnerability in Eset Software Nod32 Antivirus 2.70.37.0
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
network
eset-software
critical
9.3
2006-12-21 CVE-2006-6677 File Parsing vulnerability in Eset Software Nod32 Antivirus 1.0.11/1.0.12/1.0.13
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
network
high complexity
eset-software
2.6
2006-12-21 CVE-2006-6676 Numeric Errors vulnerability in Eset Software Nod32 Antivirus 1.0.11/1.0.12/1.0.13
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
network
eset-software CWE-189
critical
9.3
2006-04-08 CVE-2006-0951 Local Security vulnerability in Eset Software Nod32 Antivirus 2.5
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
local
low complexity
eset-software
7.2
2006-04-06 CVE-2006-1649 Local Arbitrary File Creation vulnerability in Eset Software NOD32 Antivirus
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
local
low complexity
eset-software
7.2
2005-10-14 CVE-2005-3212 Security Bypass vulnerability in NOD32 Antivirus
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
network
high complexity
eset-software
5.1
2005-09-14 CVE-2005-2903 Remote Buffer Overflow vulnerability in Eset Software Nod32 Antivirus 2.5
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
network
low complexity
eset-software
7.5
2005-02-09 CVE-2004-0937 Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
2005-01-27 CVE-2004-0936 RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5