LOW🇬🇧 English

CVE-2018-7289

CVSS 3.3v3.0pub. 2018-02-21upd. 2024-11-21

An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. This happens because characters that cannot be converted from Unicode are replaced with '?' characters.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • Teclib Edition Armadito Antivirus

    APP
    Teclib-Edition
    0.12.7.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-23489CRITICAL9.1PL ✓ten sam vendor

RCE przez tworzenie dropdownów w pluginie Fields dla GLPI

CVE-2021-43779CRITICAL9.9ten sam vendor

GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing...

CVE-2019-12723CRITICAL9.8ten sam vendor

An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. it allows SQL Injection via contai...

CVE-2019-10231CRITICAL9.8ten sam vendor

Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication....

CVE-2019-10232CRITICAL9.8ten sam vendor

Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.