Posted by Virus Bulletin on Sep 11, 2006
Vulnerabilities found in AntiVir and avast!.
Security defects in two anti-virus products have been reported by security watch company Secunia in the last week. While the AntiVir flaw involved data gathered by the update process, avast!'s problem was an overflow issue in the detection engine.
Avira's AntiVir PersonalEdition 7.0 build 151 (Classic) is confirmed to be affected by the vulnerability, and other versions may also be affected. The problem lies in the way the product's updater program takes in data for its progress bar; a local user could exploit it by placing the right data into the right memory location, and could use it to gain admin access to the machine.
The avast! bug was an overflow allowed by a fault in the handling of LHA archives, which could be exploited using specially crafted files and could allow arbitrary code execution. It affects versions of the engine earlier than 4.7.869 for desktops and 4.7.660 for servers. The flaw was first found in July, and later updates are thought to contain a fix for the problem.
Secunia's AntiVir alert is available here, while the avast! alert is here. The original research into the avast! problem is in this PDF.