CVE-2007-3970

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: ESET NOD32 Antivirus versions prior to 2.2289

Description: A race condition in the software allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption. This issue can be exploited to gain unauthorized access and execute malicious code.

Recommendations: For versions prior to 2.2289, update to version 2.2289 or later to resolve the issue. As a temporary workaround, consider restricting access to CAB files until the update is applied.

Fix

RCE

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2007-3970

Affected Products

Eset Nod32 Antivirus

CVE-2007-3970

Weakness Enumeration

Related Identifiers

Affected Products

References · 13