PT-2007-4150 · Avast · Avast! Anti-Virus Managed Client

Publicado

2007-05-24

Atualizado

2018-10-16

CVE-2007-2846

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions avast! Anti-Virus Managed Client versions prior to 4.7.700

Description The issue is related to a heap-based buffer overflow in the SIS unpacker, which can be exploited by user-assisted remote attackers. This is caused by an "integer cast around" and can be triggered via a crafted SIS archive, potentially allowing the execution of arbitrary code.

Recommendations For versions prior to 4.7.700, update to version 4.7.700 or later to resolve the issue.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2007-2846

Produtos afetados

Avast! Anti-Virus Managed Client

PT-2007-4150 · Avast · Avast! Anti-Virus Managed Client

CVE-2007-2846

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10