(no title)

e.g. historically anti-virus engines have had bugs where e.g. when they search inside of a .zip file; their .zip parser was susceptible to a buffer overflow that would have allowed a malicious file when scanned to run arbitrary code.

e.g. some anti-virus software has a daemon that runs on localhost with an exposed port. This port receives RPCs. websites in your browser have been able to make requests to the anti-virus daemon.