CVE-2007-2974

4 documents4 sources

Severity

10.0CRITICAL

EPSS

20.6%

top 4.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avira Antivir Avira AV Pack

Timeline

PublishedJun 1

Latest updateMay 1

Description

Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDavira/antivir7.04.00.23

▶NVDavira/av_pack7.03.00.08

Patches

Patch: forum.antivir-pe.de ↗Patch: secunia.com ↗Patch: www.nruns.com ↗

🔴Vulnerability Details

GHSA

GHSA-422c-878v-38j5: Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7↗2022-05-01

▶

CVEList

CVE-2007-2974: Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7↗2007-06-01

▶

💬Community

Bugzilla

CVE-2007-4629 Buffer overflow via long strings passed to mapserver↗2007-08-31

▶