EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow

BitDefender Online Scanner 8 Double Decode Heap Overflow Release Date: November 20, 2007 Date Reported: October 24, 2007 Severity: High Remote Code Execution Vendor: BitDefender / SOFTWIN - http://www.bitdefender.com Systems Affected: BitDefender Online Scan Users Overview: eEye Digital Security...

BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free

BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free source: https://www.securityfocus.com/bid/26824/info A BitDefender Antivirus 2008 ActiveX control is prone a double-free vulnerability because of a flaw in the way that the 'bdelev.dll' library handles certain object data prior t...

BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free

source: https://www.securityfocus.com/bid/26824/info A BitDefender Antivirus 2008 ActiveX control is prone a double-free vulnerability because of a flaw in the way that the 'bdelev.dll' library handles certain object data prior to returning it. Successfully exploiting this issue allows remote...

Design/Logic Flaw

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigne...

CVE-2007-5775

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigne...

CVE-2007-5775

CVE-2007-5775 affects BitDefender Online Scanner ActiveX controls (OScan.ocx / OScan8.ocx). The vulnerability is a buffer overflow in the ActiveX control’s InitX/InitX-like handling and related Unicode processing, caused by improper validation and a double Unicode decoding, enabling a remote atta...

CVE-2007-5775

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigne...

CVE-2007-5775

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigne...

Softwin's anti-virus BitDefender contains vulnerable zlib (CA-2007-07)

At least the freeware version of Softwin's anti-virus solution BitDefender Free Edition http://www.bitdefender.com/site/view/Download-Free-Products.html http://download.bitdefender.com/windows/free/winfree/en/bitdefenderfreev10.exe ships with a completely outdated zlib 1.1.3 http://www.zlib.net/...

BitDefender Detection

Binary data 3889.prm...

BitDefender Antivirus Detection and Status

BitDefender, a commercial antivirus software package for Windows, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date. C Tenable Network Security, Inc. include"compat.inc"; i...

BitDefender Client Log Creation Functionality Format String

The version of BitDefender installed on the remote host fails to sanitize scan job settings of format strings. By leveraging this flaw, a local attacker may be able to crash the antivirus application or possibly even gain complete control of the affected system. C Tenable Network Security, Inc...

Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability

================================================ Layered Defense Research Advisory 18 January 2007 ================================================ 1 Affected Software BitDefender Client Professional Plus build 8.02 ================================================ 2 Severity Rating: Low risk...

BitDefender client format string vulnerability

Format string vulnerability on scan settings logging...

Format string

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

CVE-2007-0391

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

CVE-2007-0391

BitDefender Client Professional Plus 8.02 is affected by a format-string vulnerability in the log-creation functionality. An attacker could leverage this flaw via certain scan job settings to execute arbitrary code or take control of the affected system. The description and references across NVD/...

CVE-2007-0391

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

多个BitDefender产品PE文件解析引擎整数溢出漏洞

BitDefender是罗马尼亚的一家安全厂商，产品包含多种杀毒软件。 BitDefender杀毒引擎在解析某些打包的PE文件时存在整数溢出漏洞，如果用户受骗打开了特制PE文件的话，就可能触发堆溢出，导致执行任意指令。 Softwin BitDefender Online Scanner Softwin BitDefender Mail Protection for Enterprise Softwin BitDefender Internet Security Softwin BitDefender for MS Exchange 5.5 Softwin BitDefender for...

CVE-2006-6627

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allo...