CVE-2007-2966

Name of the Vulnerable Software and Affected Versions F-Secure anti-virus products for Microsoft Windows and Linux versions prior to 20070529

Description The issue is related to a buffer overflow in the LHA decompression component, which can be exploited by remote attackers through a crafted LHA archive. This can lead to the execution of arbitrary code or cause a denial of service, resulting in an application crash. The problem is associated with an integer wrap.

Recommendations For versions prior to 20070529, update to a version released after 20070529 to resolve the issue. As a temporary workaround, consider avoiding the use of the LHA decompression component until a patch is available. Restrict access to potentially malicious LHA archives to minimize the risk of exploitation.