|
|
|
|
| |
| Founded in 1992, ESET is "a global provider of security software for enterprises and consumers. ESET's award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100% Awards than any other antivirus product". Multiple vulnerabilities have been found in NOD32's Antivirus package. |
| |
Credit:
The information has been provided by n.runs AG.
The original article can be found at: http://www.nruns.com/parsing-engines-advisories.php
|
| |
Vulnerable Systems:
* ESET NOD32 Antivirus version 2.2288 and prior
Immune Systems:
* ESET NOD32 Antivirus version 2.2289 and newer
CAB parsing Arbitrary Code Execution Advisory
A remotely exploitable vulnerability has been found in the file parsing engine.
In detail, a heap corruption can be caused through a race condition in .CAB file parsing.
Impact:
This problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in NOD32 Antivirus software versions prior to the update v.2.2289.
Solution:
The vulnerability was reported on May 07 and an update has been issued on May 24 to solve this vulnerability through the regular update mechanism.
ASPACK parsing Infinite Loop Advisory
A remotely exploitable vulnerability has been found in the file parsing engine.
In detail, an infinite loop through an integer overflow in ASPACK packed files parsing.
Impact:
This problem can lead to remote denial of service provoked by high CPU consume and exhaustion of storage resource if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in NOD32 Antivirus software versions prior to the update v.2.2289.
Solution:
The vulnerability was reported on May 07 and an update has been issued on May 24 to solve this vulnerability through the regular update mechanism.
ASPACK and FSG parsing Divide by Zero Advisory
A remotely exploitable vulnerability has been found in the file parsing engine.
In detail, a divide by zero in ASPACK and FSG packed files parsing.
Impact:
This problem can lead to remote denial of service if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in NOD32 Antivirus software versions prior to the update v.2.2289.
Solution:
The vulnerability was reported on May 07 and an update has been issued on May 24 to solve this vulnerability through the regular update mechanism.
|
|
|
|
|
|
