Cable Forum

Cable Forum (https://www.cableforum.uk/board/index.php)
-   Security & Virus Discussion (https://www.cableforum.uk/board/forumdisplay.php?f=38)
-   -   NOD32 Antivirus Engine DOC and CHM Parsing Vulnerabilities (https://www.cableforum.uk/board/showthread.php?t=33605226)

pedantic 21-12-2006 11:32
NOD32 Antivirus Engine DOC and CHM Parsing Vulnerabilities
 
Linky

Quote:
Secunia Advisory: SA23459
Release Date: 2006-12-21


Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

Quote:

Description: Sergio Alvarez has reported some vulnerabilities in the NOD32 Antivirus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An integer-overflow within the parsing of DOC files can be exploited to cause a heap-based buffer overflow via a specially crafted DOC file.

Successful exploitation allows execution of arbitrary code.

2) A division-by-zero error within the parsing of CHM files can be exploited to cause a DoS via a specially crafted CHM file.

The vulnerabilities are reported in versions prior to 1.1743.

Solution: Update to the latest version.
Just a heads up, as this seems to be quite a popular AV with some CF members, and is listed as highly critical.


EDIT: This is only an advisory for people who haven't updated NOD32, as this was fixed sometime ago, but has still appeared on Secunia for some unknown reason. :confused:


All times are GMT +1. The time now is 09:45.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum