More AV products suffer flaws

Vulnerabilities found in AntiVir and avast!.

Security defects in two anti-virus products have been reported by security watch company Secunia in the last week. While the AntiVir flaw involved data gathered by the update process, avast!'s problem was an overflow issue in the detection engine.

VB100

Avira's AntiVir PersonalEdition 7.0 build 151 (Classic) is confirmed to have suffered the vulnerability, and other versions may also be affected. The problem, in the way the product's updater program takes in data for its progress bar, could be exploited by a local user placing the right data into the right memory location, and could be used to gain admin access to the machine.

The avast! bug was an overflow allowed by a fault in the handling of LHA archives, which could be exploited using specially crafted files and could allow arbitrary code execution. It affects versions of the engine earlier than 4.7.869 for desktops and 4.7.660 for servers. The flaw was first found in July, and later updates are thought to contain a fix for the problem.

Secunia's AntiVir alert is available here, while the avast! alert is here. The original research into the avast! problem is in this PDF.

11 September 2006

Tags: virus  

 del.icio.us  digg this! digg this

Quick Links

Poll
Does your company allow you to use a personal laptop/mobile device to access company resources?
Yes, it's allowed
Yes, it's actively encouraged
No
I don't know
Leave a comment
View 1 comment

Ciso-Intelligence

VB2012
VB2012 VB2012 will take place 26 - 28 September 2012 at the Fairmont Dallas hotel, Dallas, TX, USA.

Virus Bulletin currently has 225,202 registered users.