CVE-2007-3970

Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

Publication date: Wed, 25 Jul 2007 22:30:00 +0000

Cyber News related to CVE-2007-3970

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-3970 - Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption. ...
1 year ago

CVE-2005-3970 - Cross-site scripting (XSS) vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. ...
13 years ago

CVE-2013-3970 - Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority (CA) certificate ...
11 years ago

CVE-2015-3970 - Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
9 years ago

CVE-2014-3970 - The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. ...
8 years ago

CVE-2008-3970 - pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. ...
7 years ago

CVE-2009-3970 - SQL injection vulnerability in index.php in PHP Dir Submit (aka WebsiteSubmitter or Submitter Script) allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action. ...
7 years ago

CVE-2012-3970 - Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to ...
7 years ago

CVE-2006-3970 - PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. ...
7 years ago

CVE-2010-3970 - Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and ...
5 years ago

CVE-2020-3970 - VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader ...
4 years ago

CVE-2011-3970 - libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. ...
4 years ago

CVE-2019-3970 - Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a ...
3 years ago

CVE-2021-3970 - A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code. ...
2 years ago

CVE-2018-3970 - An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory ...
2 years ago

CVE-2023-3970 - A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controllerGzUser&actionedit&id1 of the component Image Handler. The ...
1 year ago

CVE-2022-3970 - A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. ...
1 year ago

CVE-2017-3970 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-3970 - Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This ...
8 months ago

CVE-2024-10068 - A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An ...
3 months ago

CVE-2024-47696 - In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs"), the function ...
3 months ago Tenable.com

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

Latest Cyber News

CVE-2025-25246 - 12 hours ago
CVE-2025-1022 - 12 hours ago
CVE-2025-1025 - 12 hours ago
CVE-2025-1026 - 12 hours ago
CVE-2025-1028 - 13 hours ago
CVE-2025-23114 - 15 hours ago
CVE-2024-53966 - 17 hours ago
CVE-2025-0413 - 17 hours ago
CVE-2024-53962 - 17 hours ago
CVE-2024-53963 - 17 hours ago
CVE-2024-53964 - 17 hours ago
CVE-2024-53965 - 17 hours ago
CVE-2023-39943 - 18 hours ago
CVE-2023-40222 - 18 hours ago
CVE-2024-11467 - 18 hours ago
CVE-2024-11468 - 18 hours ago
CVE-2024-48445 - 18 hours ago
CVE-2024-8125 - 19 hours ago
CVE-2024-13722 - 19 hours ago
CVE-2024-13723 - 19 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-13114 - 1 day ago
CVE-2024-13115 - 1 day ago
CVE-2024-13325 - 1 day ago
CVE-2024-13326 - 1 day ago
CVE-2024-13327 - 1 day ago
CVE-2024-13328 - 1 day ago
CVE-2024-13329 - 1 day ago
CVE-2024-13330 - 1 day ago
CVE-2024-13331 - 1 day ago
CVE-2024-13332 - 1 day ago
CVE-2025-0368 - 1 day ago
CVE-2025-0466 - 1 day ago
CVE-2024-12597 - 1 day ago
CVE-2024-13607 - 1 day ago
CVE-2024-10237 - 1 day ago
CVE-2024-10238 - 1 day ago
CVE-2024-10239 - 1 day ago
CVE-2024-12046 - 1 day ago
CVE-2024-13514 - 1 day ago
CVE-2025-20881 - 1 day ago