what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Dec 22, 2006
Authored by Sergio Alvarez | Site nruns.com

ESET NOD32 Antivirus suffers from a arbitrary code execution vulnerability. Versions prior to 1.1743 are affected.

tags | advisory, arbitrary, code execution
SHA-256 | 68c8e00a070400f31b4f79d8fd1f5ed916dc36dd5153dcfabf13efd85383835a


Change Mirror Download
n.runs AG             
http://www.nruns.com/ security at nruns.com
n.runs-SA-2006.004 20-Dec-2006

Vendor: ESET, http://eset.com
Affected Products: ESET NOD32 Antivirus
Vulnerability: Arbitrary Code Execution (remote)
Risk: HIGH


Vendor communication:

2006/08/24 initial notification of ESET
2006/08/28 ESET Response
2006/08/29 PGP keys exchange
2006/08/29 PoC files sent to ESET
2006/09/06 ESET initial feedback.
2006/09/08 ESET confirmed the bug and fixed
2006/09/08 ESET made available the updates


Founded in 1992, ESET is a global provider of security software for
enterprises and consumers. ESET's award-winning, antivirus software system,
NOD32, provides real-time protection from known and unknown viruses,
spyware, rootkits and other malware. NOD32 offers the smallest, fastest and
most advanced protection available, with more Virus Bulletin 100% Awards
than any other antivirus product. ESET was named to Deloitte's Technology
Fast 500 five years running, and has an extensive partner network, including
corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava,
SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is
represented worldwide in more than 100 countries.
The broad product platform protects Windows, Linux, Novell and MS DOS

Multiple vulnerabilities have been found in the file parsing engine.

In detail, the following flaw was determined:

- Divide by Zero in .CHM file parsing.
- Heap Overflow through Integer Overflow in .DOC File Parsing

The .DOC problem can lead to remote arbitrary code execution if an attacker
carefully crafts a file that exploits the aforementioned vulnerabilities.
The vulnerabilities are present in NOD32 Antivirus software versions prior
to the update v.1.1743.

The vulnerabilities were reported on Aug 24 and an update has been issued on
Sep 08 to solve these vulnerabilities through the regular update mechanism.

Bugs found by Sergio Alvarez of n.runs AG.

http://eset.com/support/updates.php?pageno=61 (NOD32 - v.1.1743)


The information provided is released by n.runs "as is" without warranty of
any kind. n.runs except all warranties, either express or implied, expect
for the warranties of merchantability. In no event shall n.runs be liable
for any damages whatsoever including direct, indirect, incidental,
consequential, loss of business profits or special damages, even if n.runs
has been advised of the possibility of such damages.
Distribution or Reproduction of the information is provided that the
advisory is not modified in any way.

Copyright 2006 n.runs. All rights reserved. Terms of use.

Login or Register to add favorites

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By