Panda Antivirus vulnerabilities

CVE-2007-4191 [MEDIUM] CVE-2007-4191: Panda Antivirus 2008 stores service executables under the product's installation directory with weak Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657.

CVE-2007-1673 [HIGH] CWE-399 CVE-2007-1673: unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVE-2007-1670 [HIGH] CVE-2007-1670: Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infin Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVE-2005-3922 [HIGH] CVE-2005-3922: Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.

CVE-2000-0541 [HIGH] CVE-2000-0541: The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without au The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.