Secunia Advisory: SA23459
Release Date: 2006-12-21
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software: NOD32 for Domino 2.x
NOD32 for DOS 1.x
NOD32 for FreeBSD 1.x
NOD32 for Linux 1.x
NOD32 for MS Exchange Server 0.x
NOD32 for NetBSD 1.x
NOD32 for Novell Netware Server 1.x
NOD32 for OpenBSD 1.x
NOD32 for Windows 95/98/ME 2.x
NOD32 for Windows NT/2000/XP/2003 2.x
Description:
Sergio Alvarez has reported some vulnerabilities in the NOD32 Antivirus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An integer-overflow within the parsing of DOC files can be exploited to cause a heap-based buffer overflow via a specially crafted DOC file.
Successful exploitation allows execution of arbitrary code.
2) A division-by-zero error within the parsing of CHM files can be exploited to cause a DoS via a specially crafted CHM file.
The vulnerabilities are reported in versions prior to 1.1743.
Solution:
Update to the latest version.
Bollettino di sicurezza
Release Date: 2006-12-21
Critical: Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software: NOD32 for Domino 2.x
NOD32 for DOS 1.x
NOD32 for FreeBSD 1.x
NOD32 for Linux 1.x
NOD32 for MS Exchange Server 0.x
NOD32 for NetBSD 1.x
NOD32 for Novell Netware Server 1.x
NOD32 for OpenBSD 1.x
NOD32 for Windows 95/98/ME 2.x
NOD32 for Windows NT/2000/XP/2003 2.x
Description:
Sergio Alvarez has reported some vulnerabilities in the NOD32 Antivirus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An integer-overflow within the parsing of DOC files can be exploited to cause a heap-based buffer overflow via a specially crafted DOC file.
Successful exploitation allows execution of arbitrary code.
2) A division-by-zero error within the parsing of CHM files can be exploited to cause a DoS via a specially crafted CHM file.
The vulnerabilities are reported in versions prior to 1.1743.
Solution:
Update to the latest version.
Bollettino di sicurezza