PT-2007-4149 · Avast · Avast! Anti-Virus Managed Client

Publicado

2007-05-24

Atualizado

2018-10-16

CVE-2007-2845

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions avast! Anti-Virus Managed Client versions prior to 4.7.700

Description The issue is related to a heap-based buffer overflow in the CAB unpacker, which can be exploited by user-assisted remote attackers. This is caused by an "integer cast around" and can be triggered via a crafted CAB archive, potentially allowing the execution of arbitrary code.

Recommendations For versions prior to 4.7.700, update to version 4.7.700 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2845

Produtos afetados

Avast! Anti-Virus Managed Client

PT-2007-4149 · Avast · Avast! Anti-Virus Managed Client

CVE-2007-2845

Identificadores relacionados

Produtos afetados

Referências · 10