Secunia Security Advisory 26171

Secunia Security Advisory 26171: Posted Jul 24, 2007; Authored by Secunia | Site secunia.com; Secunia Security Advisory - Sergio Alvarez has reported a vulnerability in Panda Antivirus, which can be exploited by malicious people to compromise a vulnerable system.; tags | advisory; SHA-256 | 86e29313b359eef5d08869b512522c915659fcaf8c9b9a9a306a53b6cad10cb2; Download | Favorite | View

Secunia Security Advisory 26171



----------------------------------------------------------------------

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now
available:
http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.

----------------------------------------------------------------------

TITLE:
Panda Antivirus EXE File Parsing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA26171

VERIFY ADVISORY:
http://secunia.com/advisories/26171/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

SOFTWARE:
Panda AntiVirus Enterprise Suite
http://secunia.com/product/781/
Panda AntiVirus Platinum 6.x
http://secunia.com/product/7297/
Panda AntiVirus Platinum 7.x
http://secunia.com/product/779/
Panda AntiVirus Small Business Edition
http://secunia.com/product/780/
Panda AntiVirus Titanium
http://secunia.com/product/778/

DESCRIPTION:
Sergio Alvarez has reported a vulnerability in Panda Antivirus, which
can be exploited by malicious people to compromise a vulnerable
system.

The vulnerability is caused due to a boundary error when parsing .EXE
files and can be exploited to cause a buffer overflow when e.g.
scanning a specially crafted .EXE file.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
An update has reportedly been issued on 2007-07-20 through the
regular update mechanism.

PROVIDED AND/OR DISCOVERED BY:
Sergio Alvarez, n.runs AG

ORIGINAL ADVISORY:
http://www.nruns.com/%5Bn.runs-SA-2007.019%5D%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

Secunia Security Advisory 26171

Secunia Security Advisory 26171

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 26171

Share This

Secunia Security Advisory 26171

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems