CVE-2007-3970
ESET NOD32 Antivirus < 2.2289 - Remote Code Execution via CAB File Parsing
Title source: llmDescription
Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.
References (10)
Core 10
Core References
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/474244/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2922
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26124
Broken Link x_refsource_misc
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
Broken Link x_refsource_confirm
http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24988
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/37976
Broken Link x_refsource_misc
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35526
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2602
Scores
EPSS
0.0558
EPSS Percentile
91.9%
Details
CWE
CWE-362
Status
published
Products (1)
eset/nod32_antivirus
< 2.2289
Published
Jul 25, 2007
Tracked Since
Feb 18, 2026