Secunia Security Advisory - A vulnerability has been reported in McAfee VirusScan Enterprise, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
3bcfa028e2195c30df4ae002ca14d88e4ed8e8792a7cdebe5145e6a1d4945d3b
----------------------------------------------------------------------
Secunia customers receive relevant and filtered advisories.
Delivery is done via different channels including SMS, Email, Web,
and https based XML feed.
http://corporate.secunia.com/trial/38/request/
----------------------------------------------------------------------
TITLE:
McAfee VirusScan Enterprise On-Access Scanner Unicode Filename Buffer
Overflow
SECUNIA ADVISORY ID:
SA24914
VERIFY ADVISORY:
http://secunia.com/advisories/24914/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
>From remote
SOFTWARE:
McAfee VirusScan Enterprise 8.x
http://secunia.com/product/3948/
DESCRIPTION:
A vulnerability has been reported in McAfee VirusScan Enterprise,
which can be exploited by malicious people to cause a DoS or to
potentially compromise a vulnerable system.
The vulnerability is caused due to an error within the On-Access
scanner component when processing file names that contain multi-byte
characters (e.g. Chinese). This can be exploited to stop the
On-Access scan or to cause a heap-based buffer overflow via a file
with a specially crafted, overly long filename.
Successful exploitation may allow execution of arbitrary code but
requires that East-Asia language files are installed, the default
Unicode codepage is set to a language that contains multi-byte
characters, and that the attacker is able to place the specially
crafted file on the target system.
The vulnerability reportedly affects versions 8.0i Patch 11 and
prior.
SOLUTION:
Apply Patch 12 or later.
https://mysupport.mcafee.com/eservice_enu/start.swe
PROVIDED AND/OR DISCOVERED BY:
iDefense Labs
ORIGINAL ADVISORY:
McAfee:
https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------