Vulnerabilities > Estsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-02 | CVE-2022-43665 | Unspecified vulnerability in Estsoft Alyac 2.5.8.645 A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. | 5.5 |
| 2022-05-12 | CVE-2022-21147 | Out-of-bounds Read vulnerability in Estsoft Alyac 2.5.7.7 An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. | 4.3 |
| 2019-08-30 | CVE-2019-12810 | Out-of-bounds Write vulnerability in Estsoft Alsee A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. | 6.8 |
| 2019-08-13 | CVE-2019-12807 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. | 6.8 |
| 2018-12-21 | CVE-2018-5196 | Out-of-bounds Write vulnerability in Estsoft Alzip 10.76.0.0/8.5.1 Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. | 6.8 |
| 2018-05-17 | CVE-2018-10027 | Untrusted Search Path vulnerability in Estsoft Alzip 8.0/8.12/8.21 ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders. | 4.6 |
| 2017-08-19 | CVE-2017-11323 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | 6.8 |
| 2014-11-03 | CVE-2014-8494 | Permissions, Privileges, and Access Controls vulnerability in Estsoft Alupdate 8.5.1.0.0 ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file. | 4.6 |
| 2012-09-06 | CVE-2010-5211 | Unspecified vulnerability in Estsoft Alsee 6.20.0.1 Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. local estsoft | 6.9 |
| 2006-06-07 | CVE-2006-2899 | Unspecified vulnerability in Estsoft Internetdisk Unspecified vulnerability in ESTsoft InternetDISK versions before 2006/04/20 allows remote authenticated users to execute arbitrary code, possibly by uploading a file with multiple extensions into the WebLink directory. | 6.5 |