Hustle Labs Advisory - There is an integer overflow present that affects Novell Windows clients and Novell Netware server and Novell Open Enterprise server. All versions of Novell Netware and Novell Netware Client for Windows are affected. All Netware based versions of Novell Open Enterprise Server are affected. Detailed analysis provided.
435daa5ce9ab016eefbb6be70ac9be842be30a1b33f6b52faa8e122246865e00
The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec i s vulnerable to multiple heap overflows allowing attackers complete control of the system(s) being protected. These vulnerabilities can be exploited remotely without user interaction in default configurations through common protocols such as SMTP.
dcbde29aba5cd0432baf2e97646ba98b60fd26042acab5d3a9d921591ee5b1fe
The Kaspersky Antivirus Library provides file format support for virus analysis. During analysis of cab files, Kaspersky is vulnerable to a heap overflow allowing attackers complete control of the system(s) being protected. This vulnerability can be exploited remotely without user interaction in default configurations through common protocols such as SMTP, SMB, HTTP, and FTP.
af434396cefd4db1acc36d0c3508f05a3a6511670795823b7bdb6f62ac153685
A security vulnerability existed in the anti-virus engine of specific versions of ZoneAlarm Anti-Virus and ZoneAlarm Security Suite (ZoneAlarm and ZoneAlarm Pro are not affected.) The vulnerability was caused due to an integer overflow in the Vet anti-virus engine (VetE.dll) when analyzing OLE streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted Microsoft Office document.
abceb822d39f24e96444992c0b7cb55f415bb170d323db66f5e7c797b94aceb8
Computer Associates Vet library provides antivirus scan engine capabilities. Vet scan engines allow products to analyze various streams for malware. Vet is vulnerable to an integer wrap during the analysis of an OLE stream. The integer wrap causes an arbitrary heap overflow with no character restrictions allowing remote attackers control of the system(s) Vet is protecting.
c4e6ac4f3f3118a3c7dcd8f30132e256ee811e86703d139084b225e408b0b4fc
Successful exploitation of Novell ZENworks allows attackers unauthorized control of related data and privileges on the machine and network.
675bd95a6c61ec70ddbfeed484b02dfcfb969f70e96bb8ec044f07d61ce04d33
Clam AntiVirus (ClamAV) versions 0.86.1 and below suffer from remote heap overflows.
d1fb6fbca8fea0d2ff3d187e619c601048b6ef729562695ccc5fe2f00936a6d1