CVE-2007-3969 - Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code

CVE-2007-3969

Summary

Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."

References

Vulnerable Configurations

cpe:2.3:a:panda:panda_antivirus:*:*:*:*:*:*:*:*
cpe:2.3:a:panda:panda_antivirus:*:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 15-10-2018 - 21:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	24989
bugtraq	20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory
misc	http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
sectrack	1018437
secunia	26171
sreason	2920

Last major update

15-10-2018 - 21:32

Published

25-07-2007 - 17:30

Last modified

15-10-2018 - 21:32