PDA

Visualizza versione completa : Donna's: NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory


Giorgius
22-12-2006, 01.22.08
Multiple vulnerabilities have been found in the file parsing engine.

In detail, the following flaw was determined:

- Divide by Zero in .CHM file parsing.
- Heap Overflow through Integer Overflow in .DOC File Parsing

The .DOC problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerabilities.
The vulnerabilities are present in NOD32 Antivirus software versions prior to the update v.1.1743.

Leggi: http://msmvps.com/blogs/donna/archive/2006/12/20/nod32-antivirus-doc-parsing-arbitrary-code-execution-advisory.aspx