Multiple AV vendor vulns / updates / issues

Welcome! Register for a free account (or login) > How does it work?

Quickly register. It will only take 60 seconds.
Start a new topic. Ask your question. Wait for an email reply.
Is your system infected? Begin reading the malware removal guide.

What the Tech > Discussion > Security advisories and vulnerabilities info

Multiple AV vendor vulns / updates / issues

Options

AplusWebMaster View Member Profile	Jul 24 2007, 04:18 AM Post #46
AplusWebMaster Group: Authentic Member Posts: 4,572 Joined: 30-December 03 From: USA Member No.: 1,643 Operating System: XP/SP3	FYI... > http://atlas.arbor.net/briefs/index#1027704494 Panda Antivirus EXE File Parsing Buffer Overflow Vulnerability Severity: High Severity Published: July 23, 2007 Panda AV is vulnerable to a buffer overflow when processing Windows EXE files. The error comes in an integer cast when parsing EXE header data. A malicious attacker could send the victim a malformed EXE file to be processed by Panda AV. This would then allow the attacker to run arbitrary code on the victim's computer. Updates have been made available. Analysis: This is a similar issue to the Eset NOD32 file processing issue and nearly a dozen such vulnerabilities recently. We believe that this trend will continue for some time. Source: http://secunia.com/advisories/26171/ NOD32 Antivirus Multiple File Processing Vulnerabilities Severity: High Severity Published: July 23, 2007 Eset NOD32 antivirus is vulnerable to file processing vulnerabilities that could be abused by a remote attacker to compromise a system. The AV software has problems processing CAB, ASPack, and FSG packed files. Malformed files could be sent to a victim to be processed by NOD32 and then run arbitrary code on the server. Eset has issued updated software to address this issue. Analysis: This is another AV vulnerability in handling files. We do not expect it to be the last one, in this package or any other AV package. Source: http://secunia.com/advisories/26124/ . This post has been edited by AplusWebMaster: Jul 4 2009, 08:03 AM

Posts in this topic

AplusWebMaster Multiple AV vendor vulns / updates / issues Jul 24 2007, 04:18 AM

AplusWebMaster FYI... AVG 8.5 vuln - updates available - http://... May 26 2009, 11:55 AM

AplusWebMaster FYI... McAfee false positive... - http://www.ther... Jun 10 2009, 05:33 AM

AplusWebMaster FYI... F-secure - Mail relay vuln - update availa... Jun 16 2009, 05:54 AM

AplusWebMaster FYI... ClamAV CAB/RAR/ZIP vuln - update available... Jun 19 2009, 04:59 AM

AplusWebMaster FYI... McAfee false-positive glitch... - http://w... Jul 4 2009, 07:53 AM

AplusWebMaster FYI... CA - false positive - http://www.theregist... Jul 10 2009, 06:33 AM

AplusWebMaster FYI... Kaspersky Anti-Virus / Kaspersky Internet ... Jul 24 2009, 08:56 AM

AplusWebMaster FYI... Sophos SAVScan vuln - updates available - ... Aug 12 2009, 05:33 AM

AplusWebMaster FYI... CA false positives... - http://www.dynamoo... Aug 12 2009, 07:51 PM

AplusWebMaster FYI... Symantec SYM09-010 - Symantec Products Key... Aug 26 2009, 04:21 AM

AplusWebMaster FYI... avast! vuln - update available - http:... Sep 25 2009, 08:30 AM

AplusWebMaster FYI... CA Anti-Virus Engine - CA20091008-01 - htt... Oct 21 2009, 01:37 PM

AplusWebMaster FYI... F-Secure PDF handling vuln - update availa... Oct 29 2009, 08:05 AM

AplusWebMaster FYI... Panda vuln - update available - http://sec... Nov 13 2009, 12:23 PM

AplusWebMaster FYI... Kaspersky AV vuln - update available - htt... Nov 18 2009, 08:08 AM

AplusWebMaster FYI... ClamAV v0.95.3 released - http://www.clama... Nov 19 2009, 02:10 PM

AplusWebMaster FYI... Avast false positives - fix released - htt... Dec 3 2009, 07:15 AM

AplusWebMaster FYI... Kaspersky - Insecure default directory per... Dec 17 2009, 05:57 AM

AplusWebMaster FYI... AV-Comparatives rates Anti-Malware perform... Dec 23 2009, 08:11 PM

AplusWebMaster FYI... Symantec ...having 2010 date problems - ht... Jan 4 2010, 02:58 PM

AplusWebMaster FYI... F-secure - false alarm in show_ads.js - ht... Jan 25 2010, 05:43 PM

AplusWebMaster FYI... Kaspersky - false positive - http://www.th... Jan 26 2010, 08:31 AM

AplusWebMaster FYI... Symantec false positives... - http://isc.s... Jan 28 2010, 04:49 PM

AplusWebMaster FYI... avast! vuln - updates available - http... Feb 23 2010, 02:06 PM

AplusWebMaster FYI... CA Service Desk Tomcat CSS vuln - workarou... Feb 24 2010, 04:09 PM

« Next Oldest · Security advisories and vulnerabilities info · Next Newest »

Similar Topics

Topic Title	Replies	Topic Starter	Views	Last Action
Microsoft Windows™ Windows Automatic Updates not working	37	boghog	669	16th March 2010 - 03:40 PM Last post by: boghog
Infections Removal [Resolved] CPU 100% constantly, csrss.exe taking it up, multiple blue	10	Vilya	82	15th March 2010 - 06:23 PM Last post by: LDTate
General Hardware Website Access Issues - DNS related	1	UAMCC	58	12th March 2010 - 01:40 PM Last post by: Doug
Updates To Software Apple Mac OS X updates	43	AplusWebMaster	5,400	12th March 2010 - 04:14 AM Last post by: AplusWebMaster

Display Mode: Switch to: Standard · Switch to: Linear+ · Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 19th March 2010 - 08:42 AM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy