CVE-2007-3970

Name: CVE-2007-3970
Creator: NVD / NIST
Published: 2007-07-25T17:30:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.58%

Last modified Jun 16, 2026

CVE-2007-3970 is a vulnerability of currently unknown severity. Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.. EPSS estimates a 5.58% chance of exploitation in the next 30 days.

Description

Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

Metrics

EPSS Probability

5.58%

91.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-362

Affected Software

Vendor	Product	Versions
Eset	Nod32 Antivirus	< 2.2289

References

http://osvdb.org/37976Broken Link
http://secunia.com/advisories/26124Broken Link, Patch, Vendor Advisory
http://securityreason.com/securityalert/2922Third Party Advisory
http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26Broken Link
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdfBroken Link
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txtBroken Link
http://www.securityfocus.com/archive/1/474244/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/24988Broken Link, Patch, Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/2602Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/35526Third Party Advisory, VDB Entry
http://osvdb.org/37976Broken Link
http://secunia.com/advisories/26124Broken Link, Patch, Vendor Advisory
http://securityreason.com/securityalert/2922Third Party Advisory
http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26Broken Link
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdfBroken Link
http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txtBroken Link
http://www.securityfocus.com/archive/1/474244/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/24988Broken Link, Patch, Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/2602Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/35526Third Party Advisory, VDB Entry

Timeline

Published: Jul 25, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-3970?

Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption.

How severe is CVE-2007-3970?

Severity scoring for CVE-2007-3970 is pending analysis. The EPSS model estimates a 5.58% probability of exploitation in the next 30 days.

How do I fix CVE-2007-3970?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-3970?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST