Comodo AntiVirus version 2.0 ExecuteStr() remote command execution exploit.
860eaa5b7ca93f42fedbecfe93bbdec266a10c29dab3d1d52b87859defc21004
The VirusScan Enterprise Antivirus product may have a bug (or a vulnerability) in its parser that can lead to wrong action status messages and reports, malicious file scan bypass, and name spoofing when the magic line is added to the beginning of the file header.
2245ea07c6a13e3cfa317e75e1bd13e79210f3bafacb32336208b8c41a1e3a8f
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
db6c5e1a5ec8ca0b8006cf82661d3158d3365ba1b4bc14c03c5d0bca89a93c0d
Many different AntiVirus products suffer from various file-parsing evasion vulnerabilities. Some of the affected pieces of software include AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103, McAfee 5.400.0.1158, nProtect 2011-01-17.01, and Panda 10.0.
193275575de0eac59e8a98740fa704a8e2265457fd5a44adfa2b9f9c7719d0d6
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
958dd09c9da9ceb50c9e556b3ced9cbdf40e836d2bdc98286ce96e84fd4a5a53
Carbylamine PHP Encoder is a PHP Encoder for obfuscating/encoding PHP files so that antivirus detection signatures can be bypassed.
6f197acdeea20ab9bfd507bc9b7b41f814bbf276f8f26d7b7d2f1d89744c1b14
PrivaWall Antivirus suffers from an Office XML format evasion / bypass vulnerability. Versions 5.6 and below are affected.
57c9ab5ac6dd39653d293a5937b5378a8b03f2696525cb2d336fa349b059e84b
Secunia Security Advisory - A vulnerability has been reported in Kingsoft Antivirus 2011, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
efdc7d8f122e4d4ced8aa4c0f3a93133f1d8920bee9c49a7df3f954fc2945d66
Various antivirus software on Windows fails to detect, block and/or move malware if the executable file has only execution permission and no read, write, or other bits set.
879cd8a29ab09f08b7c40d225925d5e8508b102a9ffe9d1dc4638c067da81f49
Gentoo Linux Security Advisory 201110-20 - Multiple vulnerabilities were found in Clam AntiVirus, the most severe of which may allow the execution of arbitrary code. Versions less than 0.97.3 are affected.
8a4cb5b5ff29de3a4a524379def9f673e2628a57bd1fb5f9d7b6f15abab93201
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
3a8cece5b7e6b15410f6b8f96ff5591b2c5a72f290ee8a28fefda44cb5ae7aba
Whitepaper called Social Engineering Toolkit. This article covers backdooring executables and evading antivirus using scripts included with BackTrack.
fbcf75008182e4dbcd87643f245856c70110db2cf8ab3517e184bc997d649044
This paper describes the results of a thorough examination of Sophos Antivirus internals. The author presents a technical analysis of claims made by the vendor, and publishes the tools and reference material required to reproduce their results. Furthermore, they examine the product from the perspective of a vulnerability researcher, exploring the rich attack surface exposed, and demonstrating weaknesses and vulnerabilities.
57ecb0848e5b99ef5678dc00d7aabb2718195a8bb23f387f2d5ff429df854455
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
91503f8cff482cac1f2c951c5d62a7da8a17ba3b32eb8fa2800e29c03c7cd58a
Kingsoft AntiVirus 2012 KisKrnl.sys versions 2011.7.8.913 and below local kernel mode privilege escalation exploit.
9d7b340d71c50c87f2f1c7b9ede1151660b6b9dbb1ac032dcdc173e51908c3b4
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
69e9c102d56348266b6597d6d401b0a5a2190e158b78e75ee0591f90479ed2ca
rcat is a rewritten netcat replacement for Windows that was created solely to bypass antivirus detection. Source and binary are included.
47d99164764aee28c3624162f20e22d0ac53ad72dd130b374cc7444bfc82d0b9
Avira AntiVirus local proof of concept exploit that creates a malicious QUA file.
e2ef3c0258d84a42617b7cddadf0129c7b654cd36d3ad3612bbf696e8749f11f
McAfee Virusscan Antivirus Quarantined File Restore Utility is a Python script that extracts a file quarantined with the BUP extension by McAfee Virusscan.
b8d0534550bfc32234180545ca6a832d08dbbaef57550859d2a80ae9c79315e3
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
ec5d88303c0a6e1d8e1354b68ae8c184faee7989aac11dfacff466d9e0471932
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6c439b2282a805b2f1359b8dea65debf65568001904c2c2fdf05cec3cfde9cd2
Whitepaper called Antivirus / Firewall Evasion Techniques: Evolution of Download Deploy Shellcode.
dbb6ec4dcc2c9fc40144c8ec59fdeb2ca61452a22cb209fdf2e7903079ab80b1
Whitepaper called Effectiveness of Antivirus in Detecting Web Application Backdoors.
56b496efac0e7ee46bf1f739d096e2a7faddcbb9a3266a3471e63693230b5988
A denial of service vulnerability exists in Symantec Antivirus Intel Alert Handler service. Remote unauthenticated attackers can exploit this vulnerability by sending a malicious packet to the target service.
9e9991cc21baae425527d30468a81b8551b7dcfe14ef58362a4b2b29ec346383
Secunia Security Advisory - A vulnerability has been discovered in Kingsoft Antivirus 2011, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
fea352b3ab3e46306e4ac1f1a7ce853e0ee5dc41b2d0e41f145c13aee91f6252
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys versions 2011.1.13.89 and below local kernel mode denial of service exploit.
1e25fc7a0416c984cca57aa50d30eec88a510d4ffb20b26d651889869528a98c