EUVD-2005-3219

Malware in sbrugna...

EUVD-2001-0675

Malware in sbrugna...

EUVD-2003-1334

Malware in sbrugna...

Trend Micro Virus Control System 1.8 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6618/info An information disclosure vulnerability has been reported for TVCS. Reportedly, it is possible for an attacker to access the log files generated by TVCS. The log files contain very sensitive information about th...

Multiple MicroWorld eScan Products Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25493/info Multiple MicroWorld eScan products are vulnerable to a local privilege-escalation vulnerability because of insecure default file permissions. Attackers can exploit this issue to execute arbitrary code with...

CVE-2003-1344

Trend Micro Virus Control System TVCS Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files...

CVE-2003-1344

The affected component is Trend Micro Virus Control System (TVCS) Log Collector. The vulnerability allows remote attackers to access log files by requesting getservers.exe with the action parameter set to "selects1", exposing usernames, encrypted passwords, and other sensitive information. The CV...

CVE-2003-1342

The CVE-2003-1342 entry concerns Trend Micro Virus Control System (TVCS) 1.8 running on IIS, where remote attackers can trigger a denial of service by issuing multiple URL requests for ActiveSupport.exe, causing memory consumption on IIS. The available sources confirm the vendor/product/version a...

CVE-2003-1342

Trend Micro Virus Control System TVCS 1.8 running with IIS allows remote attackers to cause a denial of service memory consumption in IIS via multiple URL requests for ActiveSupport.exe...

Information disclosure

MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions Everyone:Full Control for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe...

CVE-2007-4648

The nvcoaft51 driver in Norman Virus Control NVC 5.82 uses weak permissions unrestricted write access for the NvcOa device, which allows local users to gain privileges by 1 triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by 2 sending a crafted KEVENT...

CVE-2007-4649

CVE-2007-4649 impacts MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1. The underlying issue is weak permissions (Everyone: Full Control) on installation directory trees, enabling local users to replace application files (e.g., traysser.exe) and pote...

CVE-2007-4648

The CVE-2007-4648 entry describes a local privilege escalation in Norman Virus Control (NVC) 5.82 via the nvcoaft51 driver. The NvcOa device exposes weak permissions (unrestricted write access), enabling exploitation by: (1) triggering a kernel pool buffer overflow through a string argument to io...

CVE-2007-4649

MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions Everyone:Full Control for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe...

CVE-2007-4648

The nvcoaft51 driver in Norman Virus Control NVC 5.82 uses weak permissions unrestricted write access for the NvcOa device, which allows local users to gain privileges by 1 triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by 2 sending a crafted KEVENT...

Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit

No description provided by source. / Norman Virus Control nvcoaft51.sys ioctl BF672028 exploit Abstract nvcoaft51.sys driver receive as parameter in some ioctl's a pointer to a KEVENT struct, calling KeSetEvent without any prior check. The device created by the driver NvcOa can be opened by any...

norton-local.txt

/ Norman Virus Control nvcoaft51.sys ioctl BF672028 exploit Abstract nvcoaft51.sys driver receive as parameter in some ioctl's a pointer to a KEVENT struct, calling KeSetEvent without any prior check. The device created by the driver NvcOa can be opened by any user. As result, a user can send a...

Norman Virus Control - nvcoaft51.sys ioctl BF672028

Norman Virus Control - nvcoaft51.sys ioctl BF672028 / Norman Virus Control nvcoaft51.sys ioctl BF672028 exploit Abstract nvcoaft51.sys driver receive as parameter in some ioctl's a pointer to a KEVENT struct, calling KeSetEvent without any prior check. The device created by the driver NvcOa can b...

Microworld eScan (Multiple Products) - Local Privilege Escalation

source: https://www.securityfocus.com/bid/25493/info Multiple MicroWorld eScan products are vulnerable to a local privilege-escalation vulnerability because of insecure default file permissions. Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful...

Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit

Exploit for unknown platform in category local exploits ========================================================= Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit ========================================================= / Norman Virus Control nvcoaft51.sys ioctl BF672028 exploit Abstrac...