NOD32 Multiple Buffer Overflow Vulnerabilities
BID:24098
Info
NOD32 Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 24098 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2852 |
| Remote: | No |
| Local: | Yes |
| Published: | May 22 2007 12:00AM |
| Updated: | May 07 2015 05:38PM |
| Credit: | Ismael Briones is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Eset NOD32 2.7 |
| Not Vulnerable: | |
Discussion
NOD32 Multiple Buffer Overflow Vulnerabilities
NOD32 is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will cause denial-of-service conditions.
These issue affects NOD32 2.7 prior to update 2.70.37.0
NOD32 is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will cause denial-of-service conditions.
These issue affects NOD32 2.7 prior to update 2.70.37.0
Exploit / POC
NOD32 Multiple Buffer Overflow Vulnerabilities
A proof of concept is available, but not to the general public.
A proof of concept is available, but not to the general public.
Solution / Fix
NOD32 Multiple Buffer Overflow Vulnerabilities
Solution:
The vendor has released an update that addresses these issues. This update is available through the automatic update facility. Please see the references for more information.
Solution:
The vendor has released an update that addresses these issues. This update is available through the automatic update facility. Please see the references for more information.
References
NOD32 Multiple Buffer Overflow Vulnerabilities
References:
References: