CVE-2007-3969

Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/26171	Vendor Advisory
http://securityreason.com/securityalert/2920
http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf
http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
http://www.securityfocus.com/archive/1/474247/100/0/threaded
http://www.securityfocus.com/bid/24989
http://www.securitytracker.com/id?1018437
http://secunia.com/advisories/26171	Vendor Advisory
http://securityreason.com/securityalert/2920
http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf
http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
http://www.securityfocus.com/archive/1/474247/100/0/threaded
http://www.securityfocus.com/bid/24989
http://www.securitytracker.com/id?1018437

Configurations

Configuration 1 (hide)

cpe:2.3:a:panda:panda_antivirus:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:34

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/26171 - Vendor Advisory~~	() http://secunia.com/advisories/26171 - Vendor Advisory
References	~~() http://securityreason.com/securityalert/2920 -~~	() http://securityreason.com/securityalert/2920 -
References	~~() http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf -~~	() http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf -
References	~~() http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt -~~	() http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt -
References	~~() http://www.securityfocus.com/archive/1/474247/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/474247/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/24989 -~~	() http://www.securityfocus.com/bid/24989 -
References	~~() http://www.securitytracker.com/id?1018437 -~~	() http://www.securitytracker.com/id?1018437 -

07 Nov 2023, 02:00

Type	Values Removed	Values Added
References	{'url': 'http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt', 'name': 'http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt', 'tags': ['Broken Link'], 'refsource': 'MISC'} {'url': 'http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf', 'name': 'http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf', 'tags': ['Broken Link'], 'refsource': 'MISC'}	() http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt - () http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf -

Information

Published : 2007-07-25 17:30

Updated : 2024-11-21 00:34

NVD link : CVE-2007-3969

Mitre link : CVE-2007-3969

CVE.ORG link : CVE-2007-3969

JSON object : View

Products Affected

panda

panda_antivirus

CWE

NVD-CWE-Other

9.3 /10