cbcvebase.

Quickheal Antivirus Pro vulnerabilities

8 known vulnerabilities affecting quickheal/antivirus_pro.

Total CVEs
8
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH4

Vulnerabilities

Page 1 of 1
CVE-2013-6767P3HIGHCVSS 7.2PoCv7.0.0.12013-12-20
CVE-2013-6767 [HIGH] CWE-119 CVE-2013-6767: Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE file.
nvd
CVE-2017-8773P3CRITICALCVSS 9.8≤ 10.1.0.3162017-05-04
CVE-2017-8773 [CRITICAL] CWE-787 CVE-2017-8773: Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVi Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privile
nvd
CVE-2017-5005P3CRITICALCVSS 9.8≤ 10.1.0.3162017-01-02
CVE-2017-5005 [CRITICAL] CWE-787 CVE-2017-5005: Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 1 Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.
nvd
CVE-2017-8775P3CRITICALCVSS 9.8≤ 10.1.0.3162017-05-04
CVE-2017-8775 [CRITICAL] CWE-787 CVE-2017-8775: Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVi Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
nvd
CVE-2017-8774P3CRITICALCVSS 9.8≤ 10.1.0.3162017-05-04
CVE-2017-8774 [CRITICAL] CWE-787 CVE-2017-8774: Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVi Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
nvd
CVE-2020-9362P3HIGHCVSS 7.8v2019-112020-02-24
CVE-2020-9362 [HIGH] CWE-436 CVE-2020-9362: The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
nvd
CVE-2017-8776P4HIGHCVSS 7.5≤ 10.1.0.3162017-05-04
CVE-2017-8776 [HIGH] CVE-2017-8776: Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVi Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.
nvd
CVE-2018-8090P4HIGHCVSS 7.8v17.002018-07-25
CVE-2018-8090 [HIGH] CWE-427 CVE-2018-8090: Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.
nvd
Quickheal Antivirus Pro vulnerabilities | cvebase