Bipin Gautam

**Name of the Vulnerable Software and Affected Versions** Outpost Firewall Pro versions prior to 3.51.759.6511 **Description** The issue allows local users to cause a denial of service, resulting in a crash, by providing long arguments to mshta.exe, which interacts with the filtnt.sys component. **Recommendations** For versions prior to 3.51.759.6511, update to version 3.51.759.6511 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: ESET NOD32 versions prior to 2.51.26 Description: The issue allows local users to create new files despite write-access directory permissions by exploiting the "restore to" selection in the "quarantine a file" capability. This can be triggered when the program does not drop its SYSTEM privileges before allowing a user to use the "Restore to..." feature to restore a quarantined file, potentially leading to a loss of integrity. It enables writing a file to an arbitrary directory with SYSTEM privileges if a file with the given filename does not already exist. Recommendations: For versions prior to 2.51.26, update to version 2.51.26 or later to resolve the issue. As a temporary workaround, consider restricting the use of the "Restore to..." feature in the "quarantine a file" capability to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Symantec Norton AntiVirus versions 2002 and 2003 **Description** The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by using a compressed archive that contains a large number of directories. **Recommendations** For Symantec Norton AntiVirus versions 2002 and 2003, consider avoiding the use of compressed archives with a large number of directories until a fix is available. As a temporary workaround, restrict access to compressed archives to minimize the risk of exploitation.