Grisoft: >> Avg Antivirus >> 7.1.308 Security Vulnerabilities
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.038
Published
2006-11-16
Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file.
CVSS Score
10.0
EPSS Score
0.005
Published
2006-11-16
Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtained from third party information.
CVSS Score
7.8
EPSS Score
0.008
Published
2006-11-16
Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files.
CVSS Score
10.0
EPSS Score
0.004
Published
2006-11-16
Grisoft AVG Free 7.1, and other versions including 7.0.308, sets Everyone/Full Control permissions for certain update files including (1) upd_vers.cfg, (2) incavi.avm, and (3) unspecified drivers, which might allow local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2006-03-09