FrSIRT Advisory : FrSIRT/ADV-2005-1978
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-10-06
* Technical Description *
A vulnerability was identified in multiple HAURI Antivirus products, which may be exploited by remote attackers or malware to execute arbitrary code. This flaw is due to a stack overflow error in the ALZ archive decompression library (vrAZMain.dll) when extracting a specially crafted ALZ archive containing a compressed file with an overly long filename, which could be exploited by remote attackers to compromise a vulnerable system.
* Affected Products *
HAURI ViRobot Expert 4.0
HAURI ViRobot Advanced Server
HAURI LiveCall
vrAZMain.dll version 5.8.22.137 and prior
* Solution *
Upgrade the affected library (vrAZMain.dll) to version 5.9.22.154 or later.
* References *
Para ver este enlace Registrate o Inicia SesionPara ver este enlace Registrate o Inicia Sesion * Credits *
Vulnerability reported by Tan Chew Keong
* ChangeLog *
2005-10-06 : Original Advisory
Autor