← Back

Anti Virus

anti-virus

Vendor: Totaldefense • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-18645
1Totaldefense
1Anti Virus
Nov 21, 2024
Oct 31, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories.
CVE-2019-18644
1Totaldefense
1Anti Virus
Nov 21, 2024
Oct 31, 2019
N/A· v4
5.9 MEDIUM· v3
5.8 MEDIUM· v2
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.
CVE-2019-13357
1Totaldefense
1Anti Virus
Nov 21, 2024
Sep 24, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code executio...Show more
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the affected executable.Show less
CVE-2019-13356
1Totaldefense
1Anti Virus
Nov 21, 2024
Sep 24, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privil...Show more
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL.Show less
CVE-2019-13355
1Totaldefense
1Anti Virus
Nov 21, 2024
Sep 24, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to priv...Show more
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the executable.Show less