Vulnerabilities > Estsoft

DATE CVE VULNERABILITY TITLE RISK
2023-02-02 CVE-2022-43665 Unspecified vulnerability in Estsoft Alyac 2.5.8.645
A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645.
local
low complexity
estsoft
5.5
2022-08-05 CVE-2022-29886 Integer Overflow or Wraparound vulnerability in Estsoft Alyac 2.5.8.544
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files.
local
low complexity
estsoft CWE-190
7.8
2022-08-05 CVE-2022-32543 Integer Overflow or Wraparound vulnerability in Estsoft Alyac 2.5.8.544
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files.
local
low complexity
estsoft CWE-190
7.8
2022-05-12 CVE-2022-21147 Out-of-bounds Read vulnerability in Estsoft Alyac 2.5.7.7
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7.
network
estsoft CWE-125
4.3
2019-08-30 CVE-2019-12810 Out-of-bounds Write vulnerability in Estsoft Alsee
A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39.
network
estsoft CWE-787
6.8
2019-08-13 CVE-2019-12808 Permissions, Privileges, and Access Controls vulnerability in Estsoft Altools 18.1
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission.
local
low complexity
estsoft CWE-264
7.2
2019-08-13 CVE-2019-12807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip
Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format.
6.8
2018-12-21 CVE-2018-5196 Out-of-bounds Write vulnerability in Estsoft Alzip 10.76.0.0/8.5.1
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking.
network
estsoft CWE-787
6.8
2018-05-17 CVE-2018-10027 Untrusted Search Path vulnerability in Estsoft Alzip 8.0/8.12/8.21
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders.
local
low complexity
estsoft CWE-426
4.6
2017-08-19 CVE-2017-11323 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip
Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename.
network
estsoft CWE-119
6.8