Antivirus Engine Security Vulnerabilities

CVE-2019-9698

Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated...

CVE-2019-8285

Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code...

CVE-2017-10706

When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP archive, it crashes with a stack-based buffer overflow because a fixed path length is...

CVE-2017-10674

Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl...

CVE-2005-0643

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA...

CVE-2005-0644

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of...

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target...

CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection.....

CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target...

CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target...

CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from...

CVE-2004-0935

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target...

CVE-2004-1096

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target...