Jump to content
TCH-Thomas

Avg Anti-virus Multiple File Parsing Vulnerabilities

Recommended Posts

Secunia reports this as Highly critical.

Read more at: http://secunia.com/advisories/22811/

 

Description:

Sergio Alvarez has reported some vulnerabilities in AVG Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

 

1) An integer overflow error when parsing CAB archives can be exploited to cause a heap-based buffer overflow via a specially crafted CAB archive.

 

2) An unspecified error when parsing RAR archives can be exploited to cause a heap-based buffer overflow via a specially crafted RAR archive.

 

3) An uninitialized variable error exists within the parsing of CAB archives.

 

4) A division by zero error when parsing DOC files may in certain cases cause a DoS via a specially crafted DOC file.

 

5) An unspecified error exists within the parsing of EXE files.

 

The vulnerabilities are reported in AVG Antivirus software versions prior to 7.1.407.

 

Solution:

Update to the latest version.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...