6 matches found
CVE-2007-3969
Panda Antivirus contains a buffer overflow in its EXE file parsing engine, exploitable via a specially crafted EXE before 2007-07-20. The root cause is described as an Integer Cast Around, enabling remote code execution with no user interaction. Affected component: Panda Antivirus file parsing/en...
CVE-2005-3922
CVE-2005-3922 describes a heap-based buffer overflow in Panda Software Antivirus library (pskcmp.dll) when scanning ZOO archives. The root cause is a boundary/size handling error while decompressing user-supplied archives, potentially enabling arbitrary code execution with the target’s privileges...
CVE-2000-0541
The CVE-2000-0541 entry concerns Panda Antivirus console on port 2001, where local users can run arbitrary commands without authentication via CMD. The affected component is the console/service listening on port 2001; the root cause is improper authentication allowing local command execution. The...
CVE-2007-1670
CVE-2007-1670 affects Panda Software Antivirus before 20070402. The vulnerability allows a remote attacker to trigger a denial of service (infinite loop) by feeding a ZOO archive whose direntry structure points to a previously processed file. Public sources in the connected documents confirm Pand...
CVE-2007-1673
CVE-2007-1673 concerns unzoo.c (used in AMaViS 2.4.1 and older) where a ZOO archive direntry can reference a previously processed file, causing an infinite loop DoS. The root cause is a mismanaged traversal of direntries (next pointers) that may loop, leading to 100% CPU or blocking behavior when...
CVE-2007-4191
CVE-2007-4191 affects Panda antivirus products (e.g., Panda Platinum Internet Security 2006/2007) where service executables are stored in the installation directory with weak permissions. The vulnerability allows local users to elevate privileges to LocalSystem by modifying executable files such ...