Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.

Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe.

Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.

Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string.

ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function.