Описание
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Ссылки
- Mailing List
- PatchVendor Advisory
- PatchProduct
- Not Applicable
- Mailing List
- PatchVendor Advisory
- PatchProduct
- Not Applicable
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:grisoft:avg_antivirus:7.0:*:*:*:*:*:*:*
cpe:2.3:a:grisoft:avg_antivirus:7.0.251:*:*:*:*:*:*:*
cpe:2.3:a:grisoft:avg_antivirus:7.0.323:*:*:*:*:*:*:*
cpe:2.3:a:grisoft:avg_antivirus:7.1.308:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04255
Низкий
7.5 High
CVSS2
Дефекты
CWE-190
Связанные уязвимости
github
почти 4 года назад
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 89%
0.04255
Низкий
7.5 High
CVSS2
Дефекты
CWE-190