PrevxCVEs & Vulnerabilities

7 CVEs affecting Prevx products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

prevx 3prevx pro 2005 2prevx1 1prevx home 1
CVE-2010-5174MEDIUM

Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

26 Aug 2012
6.2
CVSS
CVE-2012-1444MEDIUM

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

21 Mar 2012
4.3
CVSS
CVE-2012-1441MEDIUM

The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e_ fields. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different EXE parser implementations.

21 Mar 2012
4.3
CVSS
CVE-2008-5538CRITICAL

Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

12 Dec 2008
9.3
CVSS
CVE-2005-2144LOW

Prevx Pro 2005 1.0 allows local users to bypass file protection and modify files by using MapViewOfFile to perform memory mapping on the file.

5 Jul 2005
2.1
CVSS
CVE-2005-2145MEDIUM

The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message.

5 Jul 2005
4.6
CVSS
CVE-2004-1193MEDIUM

Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable.

10 Jan 2005
6.6
CVSS
← PrevPage 1 / 1Next →