Fiche créée le 2005-10-02 00:11:54, dernière mise à jour le 2008-03-02 23:53:45
Multiple AntiVirus products contains a flaw that may allow a remote attacker to bypass antivirus protection. The problem is that these products do not scan filenames that contain extended ASCII characters, which may allow a remote attacker to execute arbitrary code resulting in a loss of integrity.
|
| |
| SOFTWIN Unknown or Unspecified Affected |
| Comodo Inc. Unknown or Unspecified Affected |
| ALWIL Software Unknown or Unspecified Affected |
| Cat Computer Services (P) Ltd. Unknown or Unspecified Affected |
| Abacre Software Unknown or Unspecified Affected |
| Deerfield.com Unknown or Unspecified Affected |
| AntiVir PersonalProducts GmbH Unknown or Unspecified Affected |
| Tomasz Kojm Unknown or Unspecified Affected |
| Antiy Labs Unknown or Unspecified Affected |
| |
Attack Type : Input Manipulation
XSS, SQL injection, file retrieval, directory traversal, overflows, URL encoding. |
Découvert le 2005-09-30 00:14:03
|
| Exploit : Exploit Public |
Exploit découvert le 2005-09-29 07:00:00
|
Impact : Loss of Integrity
Assurance that data is unaltered by unauthorized persons.
Examples: XSS, arbitrary command execution, most overflows, most format strings, SQL injection, unauthorized file modification/deletion/creation, remote file inclusion, etc. |
| |
Location : Remote / Network Access
If network access if required and exploit can be done remotely. |
| |
| |
| External refs : |
| OSVDB 19749 |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
