Alwil: >> Avast Antivirus >> 4.6.460 Security Vulnerabilities
avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements.
CVSS Score
4.4
EPSS Score
0.001
Published
2007-02-07
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.
CVSS Score
5.0
EPSS Score
0.025
Published
2005-07-27
Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.
CVSS Score
7.5
EPSS Score
0.04
Published
2005-07-27