Lucene search
K

57 matches found

Openbugbounty
Openbugbounty
added 2018/03/12 2:53 p.m.11 views

my.drweb.com XSS vulnerability

Open Bug Bounty ID: OBB-578961 Description| Value ---|--- Affected Website:| my.drweb.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
hackapp
hackapp
added 2017/02/02 6:28 a.m.15 views

Anti-virus Dr.Web Light - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Anti-virus Dr.Web Light published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:30 a.m.14 views

Dr.Web Security Space - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Dr.Web Security Space published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2014/10/06 2:3 a.m.11 views

Over 17000 Mac Machines Affected by 'iWorm' Botnet Malware

A newly discovered zombie network that exclusively targets Apple computers running Mac OS X across the globe has compromised roughly 17,000 machines so far, giving hackers backdoor access to infected computers, researchers at Russian antivirus firm Dr.Web warned. According to a survey of traffic...

6.6AI score
Exploits0
NVD
NVD
added 2012/08/25 9:55 p.m.20 views

CVE-2010-5159

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

7CVSS6.7AI score0.00298EPSS
Exploits0References9
Prion
Prion
added 2012/08/25 9:55 p.m.28 views

Race condition

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.2CVSS7.2AI score0.00298EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2012/08/25 9:0 p.m.24 views

CVE-2010-5159

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.7AI score0.00298EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2012/08/25 9:0 p.m.9 views

CVE-2010-5159

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

7AI score0.00298EPSS
Exploits0References9
CVE
CVE
added 2012/08/25 9:0 p.m.48 views

CVE-2010-5159

CVE-2010-5159 describes a race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP that allows local users to bypass kernel-mode hook handlers and run code that would otherwise be blocked by a handler, via certain user-space memory changes during hook-handler execution (KHOBE/argumen...

7CVSS6.9AI score0.00298EPSS
Exploits0References9Affected Software1
seebug.org
seebug.org
added 2012/07/20 12:0 a.m.14 views

Android Dr. Web Anti-Virus信息泄露漏洞

Android Dr.Web Anti-virus是一款基于安卓平台的杀毒软件。 当处理com.drweb.activities.antispam.CursorActivit类中的SQL查询时存在错误,可被利用泄露呼叫历史和SMS消息。 0 Dr.Web Anti-virus for Android 7.x 厂商解决方案 Dr.Web Anti-virus for Android 7.00.2已经修复此漏洞,建议用户下载使用: http://news.drweb.com/show/?c=5&i=2573&lng=en...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/07/18 12:0 a.m.26 views

Dr.Web antivirus SQL injection

SQL injection in com.drweb.activities.antispam.CursorActivity class of android antivirus allows untrusted applications to access SMS archive...

4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/07/18 12:0 a.m.64 views

[PT-2012-23] SQL Injection in Dr.Web Anti-virus

----------------------------------------------------------------------------- PT-2012-23 Positive Technologies Security Advisory SQL Injection in Dr.Web Anti-virus ----------------------------------------------------------------------------- --- Vulnerable software Dr.Web Anti-virus Version: 7.00...

0.6AI score
Exploits0
NVD
NVD
added 2012/03/21 10:11 a.m.18 views

CVE-2012-1447

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...

4.3CVSS6.4AI score0.67963EPSS
Exploits0References4
Prion
Prion
added 2012/03/21 10:11 a.m.18 views

Code injection

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway formerly Webwasher 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eiversion field. NOTE:...

4.3CVSS7AI score0.88387EPSS
Exploits0References3Affected Software6
Prion
Prion
added 2012/03/21 10:11 a.m.21 views

Design/Logic Flaw

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...

4.3CVSS7AI score0.67963EPSS
Exploits0References4Affected Software4
Cvelist
Cvelist
added 2012/03/21 10:0 a.m.21 views

CVE-2012-1447

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is...

6.4AI score0.67963EPSS
Exploits0References4
Cvelist
Cvelist
added 2012/03/21 10:0 a.m.24 views

CVE-2012-1454

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway formerly Webwasher 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eiversion field. NOTE:...

6.5AI score0.88387EPSS
Exploits0References3
CVE
CVE
added 2012/03/21 10:0 a.m.52 views

CVE-2012-1453

CVE-2012-1453 affects multiple antivirus products whose CAB file parsers can bypass malware detection when a CAB file’s coffFiles field is modified. Affected vendors/products include Dr.Web 5.0.2.03300; Trend Micro HouseCall 9.120.0.1004; Kaspersky Anti-Virus 7.0.0.125; Sophos Anti-Virus 4.61.0; ...

4.3CVSS6.6AI score0.9771EPSS
Exploits0References11Affected Software14
CVE
CVE
added 2012/03/21 10:0 a.m.61 views

CVE-2012-1454

The CVE-2012-1454 entry notes that the ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 can be bypassed by a modified ei_version field in an ELF file, enabling a remo...

4.3CVSS6.7AI score0.88387EPSS
Exploits0References3Affected Software6
NVD
NVD
added 2006/09/20 11:7 p.m.19 views

CVE-2006-4438

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name...

6.4CVSS8.2AI score0.10239EPSS
Exploits0References4
Rows per page
Query Builder