Vulnerability CVE-2007-2974


Published: 2007-05-31   Modified: 2012-02-12

Description:
Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around."

See advisories in our WLB2 database:
Topic
Author
Date
High
Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory
Sergio Alvarez
05.06.2007

Type:

CWE-Other

Vendor: Avira
Product: Antivir 
Version: 7.04.00.23;
Product: Av pack 
Version: 7.03.00.08;

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://forum.antivir-pe.de/thread.php?threadid=22528
http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063624.html
http://securityreason.com/securityalert/2764
http://securitytracker.com/id?1018131
http://www.nruns.com/advisories/%5Bn.runs-SA-2007.010%5D%20-%20Avira%20Antivir%20Antivirus%20LZH%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
http://www.securityfocus.com/archive/1/469805/100/0/threaded
http://www.securityfocus.com/bid/24187
http://www.vupen.com/english/advisories/2007/1971
https://exchange.xforce.ibmcloud.com/vulnerabilities/34551

Related CVE
CVE-2019-11396
An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be crea...
CVE-2016-10402
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
CVE-2015-7732
The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
CVE-2017-6417
Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-prot...
CVE-2015-7303
Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header.
CVE-2014-5576
The Avira Secure Backup (aka com.avira.avirabackup) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat...
CVE-2010-5153
** DISPUTED ** Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based ...
CVE-2012-1459
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Clam...

Copyright 2019, cxsecurity.com

 

Back to Top