CVE-2014-5350
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot) in the default URI to port 7074 ...
CVE-2014-5350
Bitdefender GravityZone vulnerability CVE-2014-5350 affects GravityZone before 5.1.11.432. The flaw allows directory traversal to read arbitrary files via (1) .. in id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console, and (2) encoded dot-dot in the default URI to port 7074 o...
Bitdefender GravityZone Detection
Binary data bitdefendergravityzoneinstalled.nbin...
Bitdefender GravityZone User Interface Detection
Binary data bitdefendergravityzonewebuidetect.nbin...
Bitdefender GravityZone < 5.1.11.432 Information Disclosure
The Bitdefender GravityZone install hosted on the remote web server has a directory traversal vulnerability. Input to the 'id' parameter of the '/webservice/CORE/downloadFullKitEpc/a/1' script is not properly sanitized. A remote attacker could exploit this issue to download arbitrary files, subje...
Bitdefender GravityZone multiple security vulnerabilities
Unauthorized access, authentication bypass...
SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone
SEC Consult Vulnerability Lab Security Advisory 20140716-3 ======================================================================= title: Multiple critical vulnerabilities product: Bitdefender GravityZone vulnerable version: 5.1.11.432 fixed version:...
New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours
One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or...
Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
Bitdefender GravityZone versions prior to 5.1.11.432 suffer from local file disclosure, insecure service configuration, and missing authentication vulnerabilities. product: Bitdefender GravityZone vulnerable version: =5.1.11.432 impact: critical homepage: http://www.bitdefender.com found:...
Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20140716-3 ======================================================================= title: Multiple critical vulnerabilities product: Bitdefender GravityZone vulnerable version: 5.1.11.432 fixed version: =5.1.11.432...
BitDefender Products HTTP Daemon < 5.1.11.432 Directory Traversal Vulnerability - Active Check
BitDefender is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Bitdefender GravityZone File Disclosure / Missing Authentication
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Bitdefender GravityZone vulnerable version: =5.1.11.432 impact: critical homepage...
BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Bitdefender GravityZone vulnerable version: =5.1.11.432 impact:...
BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Bitdefender GravityZone vulnerable version: =5.1.11.432 impact: critical homepage: http://www.bitdefender.com found: 2014-05-22...
BitDefender Products Update Server HTTP Daemon Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access potentially...
Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10174/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability. This issue is due to a design error that allows a remote user to specify a file to be uploaded a...
Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10175/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability. This issue is due to a design error that allows a remote user to execute a method in the offending...
BitDefender Antivirus 2008 bdelev.dll ActiveX Control Double Free Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26824/info A BitDefender Antivirus 2008 ActiveX control is prone to a double-free vulnerability because of a flaw in the way that the 'bdelev.dll' library handles certain object data prior to returning it. Successfully...
ICEPOL Ransomware Servers seized by Romanian Police that infected 260,000 Computers
After financial and banking malware, ransomware has become the first choice of money-motivated cybercriminals. A new ransomware Trojan known as ICEPOL has been one of the widespread pieces of malware, successfully installed approximately 267,786 times worldwide and 42,400 times in the USA alone...
Antivirus firm ESET and BitDefender website Hijacked by Pro-Palestinian Hackers
A pro-Palestinian hacktivist group, 'KDMS Team', which recently managed to briefly hijack the Metasploit website of security firm Rapid7 and became popular after hacking the website of Leaseweb, the world's largest web hosting network, and antivirus vendors AVG, Avira as well as mobile messaging service WhatsApp...