Giorgius
22-12-2006, 01.22.08
Multiple vulnerabilities have been found in the file parsing engine.
In detail, the following flaw was determined:
- Divide by Zero in .CHM file parsing.
- Heap Overflow through Integer Overflow in .DOC File Parsing
The .DOC problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerabilities.
The vulnerabilities are present in NOD32 Antivirus software versions prior to the update v.1.1743.
Leggi: http://msmvps.com/blogs/donna/archive/2006/12/20/nod32-antivirus-doc-parsing-arbitrary-code-execution-advisory.aspx
In detail, the following flaw was determined:
- Divide by Zero in .CHM file parsing.
- Heap Overflow through Integer Overflow in .DOC File Parsing
The .DOC problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerabilities.
The vulnerabilities are present in NOD32 Antivirus software versions prior to the update v.1.1743.
Leggi: http://msmvps.com/blogs/donna/archive/2006/12/20/nod32-antivirus-doc-parsing-arbitrary-code-execution-advisory.aspx