Hustle Labs Advisory - There is an integer overflow present that affects Novell Windows clients and Novell Netware server and Novell Open Enterprise server. All versions of Novell Netware and Novell Netware Client for Windows are affected. All Netware based versions of Novell Open Enterprise Server are affected. Detailed analysis provided.
435daa5ce9ab016eefbb6be70ac9be842be30a1b33f6b52faa8e122246865e00The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec i s vulnerable to multiple heap overflows allowing attackers complete control of the system(s) being protected. These vulnerabilities can be exploited remotely without user interaction in default configurations through common protocols such as SMTP.
dcbde29aba5cd0432baf2e97646ba98b60fd26042acab5d3a9d921591ee5b1feThe Kaspersky Antivirus Library provides file format support for virus analysis. During analysis of cab files, Kaspersky is vulnerable to a heap overflow allowing attackers complete control of the system(s) being protected. This vulnerability can be exploited remotely without user interaction in default configurations through common protocols such as SMTP, SMB, HTTP, and FTP.
af434396cefd4db1acc36d0c3508f05a3a6511670795823b7bdb6f62ac153685A security vulnerability existed in the anti-virus engine of specific versions of ZoneAlarm Anti-Virus and ZoneAlarm Security Suite (ZoneAlarm and ZoneAlarm Pro are not affected.) The vulnerability was caused due to an integer overflow in the Vet anti-virus engine (VetE.dll) when analyzing OLE streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted Microsoft Office document.
abceb822d39f24e96444992c0b7cb55f415bb170d323db66f5e7c797b94aceb8Computer Associates Vet library provides antivirus scan engine capabilities. Vet scan engines allow products to analyze various streams for malware. Vet is vulnerable to an integer wrap during the analysis of an OLE stream. The integer wrap causes an arbitrary heap overflow with no character restrictions allowing remote attackers control of the system(s) Vet is protecting.
c4e6ac4f3f3118a3c7dcd8f30132e256ee811e86703d139084b225e408b0b4fcSuccessful exploitation of Novell ZENworks allows attackers unauthorized control of related data and privileges on the machine and network.
675bd95a6c61ec70ddbfeed484b02dfcfb969f70e96bb8ec044f07d61ce04d33Clam AntiVirus (ClamAV) versions 0.86.1 and below suffer from remote heap overflows.
d1fb6fbca8fea0d2ff3d187e619c601048b6ef729562695ccc5fe2f00936a6d1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed