Vulnerabilities > Panda > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-24 | CVE-2008-1471 | Resource Management Errors vulnerability in Panda products The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory. | 7.2 |
2007-05-09 | CVE-2007-1673 | Resource Management Errors vulnerability in multiple products unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. network low complexity amavis avast avira panda picozip rahul-dhesi unzoo winace barracuda-networks CWE-399 | 7.8 |
2007-05-09 | CVE-2007-1670 | Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | 7.8 |
2006-09-09 | CVE-2006-4657 | Local Privilege Escalation vulnerability in Panda Platinum Internet Security 200610.02.01/200711.00.00 Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. | 7.2 |
2005-11-30 | CVE-2005-3922 | Heap Overflow vulnerability in Panda Software Antivirus Library ZOO Archive Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive. | 7.5 |
2004-12-31 | CVE-2004-1904 | Remote Heap Overflow vulnerability in Panda Activescan 5.0 Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string. | 7.5 |
2000-06-17 | CVE-2000-0541 | Unspecified vulnerability in Panda Antivirus 2.0 The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command. | 7.2 |