PT-2023-12233 · Qihoo 360 · 360 Safe Browser+3

Memorycorruptor · Published 2023-04-19 · Updated 2023-05-04 · CVE-2021-33971

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Qihoo 360 Safeguard versions 12.1.0.1004 through 13.1.0.1001
Qihoo 360 Total Security versions 10.8.0.1060 through 10.8.0.1213
360 Safe Browser & 360 Chrome version 13.0.2170.0

Description

The issue is a buffer overflow that allows for the execution of arbitrary code locally. This set of vulnerabilities affects popular software from Qihoo 360, including their PC client and security browsers. The attack vector involves either opening a link to exploit the vulnerability remotely via the browser or locally executing a vulnerability exploitation program on the client software. The combination of remote and local vulnerabilities can lead to an escalation of privileges and make spyware persistent on the target computer without being detected by Qihoo 360's antivirus. The vulnerabilities have been reported by a security expert and fixed by the vendor.

Recommendations

For Qihoo 360 Safeguard versions 12.1.0.1004 through 13.1.0.1001, update to a version that includes the fix for the buffer overflow vulnerability.
For Qihoo 360 Total Security versions 10.8.0.1060 through 10.8.0.1213, update to a version that includes the fix for the buffer overflow vulnerability.
For 360 Safe Browser & 360 Chrome version 13.0.2170.0, update to a version that includes the fix for the buffer overflow vulnerability.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2021-33971

Affected Products

360 Chrome
360 Safe Browser
Qihoo 360 Safeguard
Qihoo 360 Total Security