Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Month of Bugs.... Apple stylee

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion
Reload this Page NOD32 Antivirus Engine DOC and CHM Parsing Vulnerabilities
Register FAQ Members List Calendar Mark Forums Read

NOD32 Antivirus Engine DOC and CHM Parsing Vulnerabilities
Reply
 
Thread Tools
Old 21-12-2006, 11:32   #1
pedantic
Inactive
 
Join Date: Mar 2004
Location: Swinton
Services: O2 standard
Posts: 2,499
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
Send a message via Yahoo to pedantic
NOD32 Antivirus Engine DOC and CHM Parsing Vulnerabilities
Linky

Quote:
Secunia Advisory: SA23459
Release Date: 2006-12-21


Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

Quote:

Description: Sergio Alvarez has reported some vulnerabilities in the NOD32 Antivirus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An integer-overflow within the parsing of DOC files can be exploited to cause a heap-based buffer overflow via a specially crafted DOC file.

Successful exploitation allows execution of arbitrary code.

2) A division-by-zero error within the parsing of CHM files can be exploited to cause a DoS via a specially crafted CHM file.

The vulnerabilities are reported in versions prior to 1.1743.

Solution: Update to the latest version.
Just a heads up, as this seems to be quite a popular AV with some CF members, and is listed as highly critical.


EDIT: This is only an advisory for people who haven't updated NOD32, as this was fixed sometime ago, but has still appeared on Secunia for some unknown reason.
pedantic is offline   Reply With Quote
Advertisement
Reply

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 09:49.

Contact Us - Service Status - Cable Forum - Archive - Privacy Statement - Terms of Service - Top

Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum
Copyright © 2026 Cable Forum Hosted On Hetzner Cloud