57 matches found
my.drweb.com XSS vulnerability
Open Bug Bounty ID: OBB-578961 Description| Value ---|--- Affected Website:| my.drweb.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Anti-virus Dr.Web Light - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Anti-virus Dr.Web Light published at the 'play' market has multiple vulnerabilities...
Dr.Web Security Space - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Dr.Web Security Space published at the 'play' market has multiple vulnerabilities...
Over 17000 Mac Machines Affected by 'iWorm' Botnet Malware
A newly discovered zombie network that exclusively targets Apple computers running Mac OS X across the globe has compromised roughly 17,000 machines so far, giving hackers backdoor access to infected computers, researchers at Russian antivirus firm Dr.Web warned. According to a survey of traffic...
CVE-2010-5159
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
Race condition
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
CVE-2010-5159
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
CVE-2010-5159
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
CVE-2010-5159
CVE-2010-5159 describes a race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP that allows local users to bypass kernel-mode hook handlers and run code that would otherwise be blocked by a handler, via certain user-space memory changes during hook-handler execution (KHOBE/argumen...
Android Dr. Web Anti-Virus信息泄露漏洞
Android Dr.Web Anti-virus是一款基于安卓平台的杀毒软件。 当处理com.drweb.activities.antispam.CursorActivit类中的SQL查询时存在错误,可被利用泄露呼叫历史和SMS消息。 0 Dr.Web Anti-virus for Android 7.x 厂商解决方案 Dr.Web Anti-virus for Android 7.00.2已经修复此漏洞,建议用户下载使用: http://news.drweb.com/show/?c=5&i=2573&lng=en...
Dr.Web antivirus SQL injection
SQL injection in com.drweb.activities.antispam.CursorActivity class of android antivirus allows untrusted applications to access SMS archive...
[PT-2012-23] SQL Injection in Dr.Web Anti-virus
----------------------------------------------------------------------------- PT-2012-23 Positive Technologies Security Advisory SQL Injection in Dr.Web Anti-virus ----------------------------------------------------------------------------- --- Vulnerable software Dr.Web Anti-virus Version: 7.00...
CVE-2012-1447
The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...
Code injection
The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway formerly Webwasher 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eiversion field. NOTE:...
Design/Logic Flaw
The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...
CVE-2012-1447
The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...
CVE-2012-1454
The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway formerly Webwasher 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eiversion field. NOTE:...
CVE-2012-1453
CVE-2012-1453 affects multiple antivirus products whose CAB file parsers can bypass malware detection when a CAB file’s coffFiles field is modified. Affected vendors/products include Dr.Web 5.0.2.03300; Trend Micro HouseCall 9.120.0.1004; Kaspersky Anti-Virus 7.0.0.125; Sophos Anti-Virus 4.61.0; ...
CVE-2012-1454
The CVE-2012-1454 entry notes that the ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 can be bypassed by a modified ei_version field in an ELF file, enabling a remo...
CVE-2006-4438
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name...