This page aggregates publicly disclosed CVE and security risk information related to webroot_software, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2006-6961 | WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name. | [email protected] | 6.8 | 0.36% | 2007-01-29 | 2026-04-23 |
| CVE-2006-6960 | The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression. | [email protected] | 6.8 | 0.36% | 2007-01-29 | 2026-04-23 |
| CVE-2006-6959 | WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security restrictions by modifying certain registry keys. | [email protected] | 4.6 | 0.07% | 2007-01-29 | 2026-04-23 |
| CVE-2005-3198 | Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | [email protected] | 4.6 | 0.07% | 2005-10-14 | 2026-04-16 |
| CVE-2005-3197 | Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | [email protected] | 7.2 | 0.07% | 2005-10-14 | 2026-04-16 |
| CVE-2005-0515 | Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files. | [email protected] | 2.1 | 0.07% | 2005-05-18 | 2026-04-16 |
| CVE-2004-1313 | The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges. | [email protected] | 7.2 | 0.04% | 2005-01-10 | 2026-04-16 |
| CVE-2004-2676 | The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | [email protected] | 7.2 | 0.04% | 2004-12-31 | 2026-04-16 |