Avast Antivirus Security Vulnerabilities
Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP...
6.9AI Score
0.004EPSS
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo...
6.1AI Score
0.975EPSS
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0,...
6.1AI Score
0.974EPSS
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware...
6.7AI Score
0.975EPSS
Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM...
8AI Score
0.046EPSS
avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg...
6.2AI Score
0.006EPSS
Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast...
8.2AI Score
0.171EPSS
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous...
6.8AI Score
0.041EPSS
avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous...
6.7AI Score
0.041EPSS
avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication...
6.8AI Score
0.0004EPSS
Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the...
8.2AI Score
0.044EPSS
Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack...
7.5AI Score
0.006EPSS
avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/avast4 temporary...
7.1AI Score
0.0004EPSS
avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those...
7.5AI Score
0.001EPSS
Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even...
7.4AI Score
0.003EPSS
Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long...
8.1AI Score
0.053EPSS
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute...
7.7AI Score
0.003EPSS
Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 and possibly other versions allows local users to cause a denial of service (system crash) and possibly execute arbitrary code via certain signals combined with crafted...
8.3AI Score
0.0004EPSS
Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain...
7.4AI Score
0.002EPSS