Eset Software » Nod32 Antivirus : Security Vulnerabilities, CVEs, Published In 2006 (Code Execution)
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
8.50%
Published
2006-12-21
Updated
2018-10-17
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
Max CVSS
7.2
EPSS Score
0.05%
Published
2006-04-08
Updated
2011-03-08
2 vulnerabilities found