MidnightBSD

Advisories for panda

CVE-2000-0264 LOW

Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_security 3.0
CVE-2000-0265 MEDIUM

Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_security 3.0
CVE-2000-0541 HIGH

The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_antivirus 2.0
CVE-2001-1149 MEDIUM

Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_antivirus_platinum *
CVE-2004-1904 HIGH

Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda activescan 5.0
CVE-2004-1905 MEDIUM

ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda activescan 5.0
CVE-2005-3380 MEDIUM

Multiple interpretation error in Panda Titanium 2005 4.02.01 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda titanium_2005 4.02.01
CVE-2005-3922 HIGH

Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_exchangesecure *
panda panda_businessecure_antivirus *
panda panda_antivirus 2.0
panda panda_filesecure *
panda panda_panda_enterprisecure_antivirus *
panda panda_webadmin *
panda panda_titanium *
panda panda_truprevent_personal 2006
panda panda_clientshield_with_truprevent_technologies *
panda panda_titanium_2005_antivirus *
panda panda_enterprisecure_with_truprevent_technologies *
panda panda_truprevent_personal 2005
panda panda_filesecure_with_truprevent_technologies *
panda panda_gatedefender *
panda panda_antivirus_platinum 2.0
panda panda_titanium_2006_antivirus_+_antispyware *
panda panda_isa_secure *
panda panda_activescan 5.0
panda panda_platinum_2006_internet_security *
panda panda_security 3.0
CVE-2007-3969 HIGH

Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
panda panda_antivirus *
CVE-2009-3735 HIGH

The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
panda panda_activescan 2.0