Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.
Threat-Mapped Scoring
Score: 1.8
Priority: P4 - Informational (Low)
S9 – Sabotage of System/App
EPSS
Score: 0.1435 Percentile:
0.94088
CVSS Scoring
CVSS v2 Score: 7.6
Severity:
Mapped CWE(s)
CWE-362
: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
All CAPEC(s)
CAPEC-26: Leveraging Race Conditions
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions