Vulnerability in AVIRA Desktop for Windows - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Security discussions
Vulnerability in AVIRA Desktop for Windows

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Security discussions Discuss about the computer security in general

Vulnerability in AVIRA Desktop for Windows

This is a discussion on "Vulnerability in AVIRA Desktop for Windows" within the Security discussions part of the Computer Security: Discussions section; FrSIRT Advisory : FrSIRT/ADV-2005-1736 CVE Reference : GENERIC-MAP-NOMATCH Rated as : Critical Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-09-14 * Technical Description * A vulnerability was identified in AVIRA Desktop for Windows, which may be exploited ...

Reply

#1 (permalink)

Old

15-09-05

Killahbee is offline

Junior Member

Join Date: Jun 2005

Posts: 1

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 5

Killahbee is on a distinguished road

Default

Vulnerability in AVIRA Desktop for Windows

FrSIRT Advisory : FrSIRT/ADV-2005-1736
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-09-14

* Technical Description *

A vulnerability was identified in AVIRA Desktop for Windows, which may be exploited by remote attackers or malware to execute arbitrary code. This flaw is due to a stack overflow error when handling ACE archives containing compressed files with overly long filename, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted archive.

* Affected Products *

AVIRA Desktop for Windows version 1.00.00.68 (with AVPACK32.DLL version 6.31.0.3)

* Solution *

Upgrade to the latest version (AVPACK32.DLL version 6.31.1.7)

* References *

http://www.frsirt.com/english/advisories/2005/1736
http://www.avira.com/en/news/avira_...nerability.html
http://secunia.com/secunia_research/2005-43/advisory/

* Credits *

Vulnerability reported by Tan Chew Keong

* ChangeLog *

2005-09-14 : Original Advisory

Reply With Quote

Sponsor

Advertiser

Reply

Tags
avira, desktop, vulnerability, windows

« Stickey Keys | new IE bug (confirmed on ALL windows) »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Microsoft Excel File Format Parsing Vulnerability	J-A	Security discussions	2	15-03-06 04:51
VERITAS NETBACKUP 5.1 'TIME_STAMP' VULNERABILITY	arnold	Security discussions	10	11-08-05 15:22
New eEye Upcoming Advisory	clark	Security discussions	8	26-07-05 02:47
Windows Netman Service Local DOS Vulnerability	class101	Public	0	14-07-05 16:48

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72