in

myITforum.com

Andrew Berges at myITforum.com

Antivirus, Malware, SMS 2003, and assorted musings from a self-confessed IT geek.

NOD32 Antivirus Engine Multiple File Parsing Vulnerabilities

http://secunia.com/advisories/23459/ 

Description:
Sergio Alvarez has reported some vulnerabilities in the NOD32 Antivirus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An integer-overflow error within the parsing of DOC files can be exploited to cause a heap-based buffer overflow via a specially crafted DOC file.

Successful exploitation allows execution of arbitrary code.

2) An integer-overflow error within the parsing of CAB archives can be exploited to cause a heap-based buffer overflow via a specially crafted CAB archive.

Successful exploitation allows execution of arbitrary code.

3) A division-by-zero error within the parsing of CHM files can be exploited to cause a DoS via a specially crafted CHM file.

The vulnerabilities are reported in versions prior to 1.1743.

Solution:
Update to the latest version.

Published Dec 22 2006, 11:33 AM by aberges
Filed under: , ,

Comments

No Comments
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems