iDefense Security Advisory 04.17.07 - Remote exploitation of a buffer overflow vulnerability in McAfee's VirusScan Antivirus application allows attackers to disable the On-Access scanner or potentially execute arbitrary code with SYSTEM privileges. The McAfee On-Access scanner component contains a common software flaw that leads to heap corruption when dealing with overly long file names that contain multi-byte characters. This flaw only manifests itself when the target system has East Asia language files installed and the default Unicode codepage is set to a language which contains multi-byte characters such as Chinese. iDefense has confirmed this vulnerability in McAfee VirusScan 8.0 Enterprise. Previous versions are suspected vulnerable as well.
dc247c8098d41291932ea959f77c83db7d97fb574d5f30d056f350eca5dc2103