NOD32 Anti-Virus Multiple File Parsing Vulnerabilities

Bugtraq ID:	21682
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Dec 20 2006 12:00AM
Updated:	Dec 20 2006 11:12PM
Credit:	Sergio Alvarez of n.runs AG. discovered these vulnerabilities.
Vulnerable:	Eset NOD32 Antivirus 0
Not Vulnerable:	Eset NOD32 Antivirus Update 1.1743

NOD32 Anti-Virus Multiple File Parsing Vulnerabilities

NOD32 antivirus is prone to multiple remote vulnerabilities because the application fails to properly parse specially crafted files.

An attacker can exploit one of issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Exploiting the other vulnerability will trigger denial-of-service conditions.

Versions prior to 1.1743 are vulnerable to these issues.

NOD32 Anti-Virus Multiple File Parsing Vulnerabilities

Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

NOD32 Anti-Virus Multiple File Parsing Vulnerabilities

Solution:
The vendor has released an update to address these issues. Please see the references for more information.

NOD32 Anti-Virus Multiple File Parsing Vulnerabilities

References:

• Eset NOD32 Homepage (ESET)
  
• ThreatSense Updates (Eset Software)
  
• NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory ([email protected])