
970 matches found

Cvelist
added 2008/01/23 11:0 a.m., 18 views

CVE-2008-0396

Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request...

6.8 AI score, 0.08531 EPSS
Exploits: 1, References: 8
CVE
added 2008/01/23 11:0 a.m., 40 views

CVE-2008-0396

CVE-2008-0396 is a directory traversal vulnerability in BitDefender Update Server (http.exe) used by BitDefender products. The vulnerability allows an unauthenticated remote attacker to read arbitrary files by crafting HTTP requests with directory traversal sequences (..). The issue affects the U...

7.8 CVSS, 6.8 AI score, 0.08531 EPSS
Exploits: 1, References: 8, Affected Software: 1
Packet Storm
added 2008/01/22 12:0 a.m., 37 views

bitdefen-file.txt

BitDefender Update Server - Unauthorized Remote File Access Vulnerability. Affected Products: BitDefender Security for Fileservers; BitDefender Enterprise Manager BDEM; All BitDefender Products, using their internal update server product...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2008/01/21 12:0 a.m., 20 views

BitDefender Update Server HTTP Request Traversal Arbitrary File Access

The version of BitDefender Update Server running on the remote host fails to sanitize request strings of directory traversal sequences, which allows an unauthenticated attacker to read files outside the web server's document directory. Note that the server runs with LocalSystem privileges by...

7.8 CVSS, 5.5 AI score, 0.08531 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2008/01/21 12:0 a.m., 47 views

BitDefender Update Server Detection

The remote web server is a BitDefender Update Server, used for centralized updates of BitDefender products on a local network. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(30020); script_version("1.15"); script_set_attribute(attribute:"plugin_modification_date",...

5.5 AI score
Exploits: 0, References: 1
securityvulns
added 2008/01/20 12:0 a.m., 27 views

BitDefender Update Server directory traversal

HTTP server directory traversal with /../...

1.4 AI score
Exploits: 0, References: 1
exploitpack
added 2008/01/19 12:0 a.m., 9 views

BitDefender Products - Update Server HTTP Daemon Directory Traversal

BitDefender Products - Update Server HTTP Daemon Directory Traversal source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an...

Exploits: 0
Exploit DB
added 2008/01/19 12:0 a.m., 27 views

BitDefender Products - Update Server HTTP Daemon Directory Traversal

source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access potentially sensitive information that could aid in...

7.4 AI score
Exploits: 0
Prion
added 2007/11/30 1:46 a.m., 11 views

Heap overflow

A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leadi...

9.3 CVSS, 8.4 AI score, 0.08084 EPSS
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2007/11/30 1:46 a.m., 13 views

CVE-2007-6189

A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leadi...

9.3 CVSS, 7.8 AI score, 0.08084 EPSS
Exploits: 0, References: 7
CVE
added 2007/11/30 1:0 a.m., 37 views

CVE-2007-6189

CVE-2007-6189 affects BitDefender Online Anti-Virus Scanner 8.0 via two ActiveX controls (OScan8.ocx and Oscan81.ocx). A long argument to the InitX method that begins with the sequence “%%” is misparsed as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based ...

9.3 CVSS, 7.8 AI score, 0.08084 EPSS
Exploits: 0, References: 7, Affected Software: 1
Cvelist
added 2007/11/30 1:0 a.m., 18 views

CVE-2007-6189

A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leadi...

7.8 AI score, 0.08084 EPSS
Exploits: 0, References: 7
seebug.org
added 2007/11/29 12:0 a.m., 14 views

BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit

No description provided by source. BitDefender OScan8.ocx / Oscan81.ocx ActiveX Exploit. PRIVATE! NOT PUBLIC! http://research.eeye.com/html/advisories/published/AD20071120.html...

7.1 AI score
Exploits: 0
Packet Storm
added 2007/11/28 12:0 a.m., 20 views

bitdefenderoscan-activex.txt

BitDefender OScan8.ocx / Oscan81.ocx ActiveX Exploit. PRIVATE! NOT PUBLIC! http://research.eeye.com/html/advisories/published/AD20071120.html http://secunia.com/advisories/27717...

7.4 AI score
Exploits: 0
0day.today
added 2007/11/27 12:0 a.m., 24 views

BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit

Exploit for unknown platform in category remote exploits. BitDefender Online Scanner 8 ActiveX Heap Overflow Exploit...

7.1 AI score
Exploits: 0
exploitpack
added 2007/11/27 12:0 a.m., 12 views

BitDefender Online Scanner 8 - ActiveX Heap Overflow

BitDefender Online Scanner 8 - ActiveX Heap Overflow. BitDefender OScan8.ocx / Oscan81.ocx ActiveX Exploit. PRIVATE! NOT PUBLIC!...

0.4 AI score
Exploits: 0
Exploit DB
added 2007/11/27 12:0 a.m., 29 views

BitDefender Online Scanner 8 - ActiveX Heap Overflow

BitDefender OScan8.ocx / Oscan81.ocx ActiveX Exploit. PRIVATE! NOT PUBLIC! http://research.eeye.com/html/advisories/published/AD20071120.html http://secunia.com/advisories/27717...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2007/11/27 12:0 a.m., 24 views

BitDefender Online Anti-Virus Scanner ActiveX OScan8.ocx / OScan8.ocx InitX Method Arbitrary Code Execution

The remote host contains the 'BDSCANONLINE' ActiveX control, used by the BitDefender Online Scanner, a web-based virus scanner. The version of this control installed on the remote host fails to properly validate Unicode values passed to the 'InitX' function as a domain key. If a remote attacker c...

9.8 CVSS, 6.2 AI score, 0.26909 EPSS
Exploits: 1, References: 3
seebug.org
added 2007/11/22 12:0 a.m., 36 views

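BitDefender Online Scanner OScan.OCX ActiveX Control Heap Overflow Vulnerability

BUGTRAQ ID: 26210 CVE(CAN) ID: CVE-2007-5775 BitDefender Online Scanner is a free online antivirus program. The OScan.ocx control bundled with BitDefender Online Scanner contains a remote code execution vulnerability; a remote attacker may exploit it to execute arbitrary commands on the user's system. The vulnerable function in OScan.ocx is InitX, which takes the string parameter bstrLocation and uses it to verify the calling domain. The IDL for InitX is similar to the following: Function InitX ByVal bstrLocation as String As Boolean...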

9.3 CVSS, 6.4 AI score, 0.26909 EPSS
Exploits: 1
securityvulns
added 2007/11/21 12:0 a.m., 22 views

BitDefender online antivirus scanner ActiveX buffer overflow

Buffer overflow in InitX method...

3.7 AI score
Exploits: 0, References: 1, Affected Software: 1