Lucene search
K
EstsoftAlyac

4 matches found

CVE
CVE
added 2022/08/05 9:20 p.m.124 views

CVE-2022-29886

ESTsoft Alyac 2.5.8.544 is affected by CVE-2022-29886 due to an integer overflow when parsing OLE files, causing a heap-based buffer overflow that can lead to arbitrary code execution. TALOS confirms the vulnerability occurs when processing the OLE header’s Number of Mini FAT sectors; an overflow...

7.8CVSS6.9AI score0.00459EPSS
CVE
CVE
added 2022/08/05 9:20 p.m.83 views

CVE-2022-32543

ESTsoft Alyac 2.5.8.544 is affected by an integer overflow in OLE file parsing that causes a heap buffer overflow and can enable arbitrary code execution when a user opens a specially crafted OLE file. Talos/TALOS-2022-1527 details show the overflow occurs during heap allocation: a 32-bit truncat...

7.8CVSS6.9AI score0.00461EPSS
CVE
CVE
added 2022/05/12 5:1 p.m.70 views

CVE-2022-21147

ESTsoft Alyac 2.5.7.7 contains an out-of-bounds read in the malware scan module (coen.aym) used when parsing PE files, which can crash Alyac and effectively stop the malware scan. TALOS confirms the vulnerability exists in the Alyac PE scanning path and identifies the exact module path and a loop...

5.5CVSS5.3AI score0.00638EPSS
CVE
CVE
added 2023/02/02 9:59 a.m.66 views

CVE-2022-43665

ESTsoft Alyac 2.5.8.645 is affected by CVE-2022-43665 due to a denial-of-service caused by an NT header out-of-bounds read in the malware-scanning path. Talos details show the crash occurs while Alyac analyzes a PE file, specifically when GetTextSectionRange interacts with the NT header after par...

5.5CVSS5.4AI score0.00327EPSS