PT-2007-4149 · Avast · Avast! Anti-Virus Managed Client

Published

2007-05-24

Updated

2018-10-16

CVE-2007-2845

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions avast! Anti-Virus Managed Client versions prior to 4.7.700

Description The issue is related to a heap-based buffer overflow in the CAB unpacker, which can be exploited by user-assisted remote attackers. This is caused by an "integer cast around" and can be triggered via a crafted CAB archive, potentially allowing the execution of arbitrary code.

Recommendations For versions prior to 4.7.700, update to version 4.7.700 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2845

Affected Products

Avast! Anti-Virus Managed Client

PT-2007-4149 · Avast · Avast! Anti-Virus Managed Client

CVE-2007-2845

Related Identifiers

Affected Products

References · 10