[security-alerts] FW: [SA23415] BitDefender AntiVirus Engine PE File Parsing Buffer Overflow

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> BitDefender AntiVirus Engine PE File Parsing Buffer Overflow
> 
> SECUNIA ADVISORY ID:
> SA23415
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/23415/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> System access
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> BitDefender Internet Security 9.x
> http://secunia.com/product/5802/
> BitDefender for MS ISA Server
> http://secunia.com/product/2109/
> BitDefender for MS Exchange 5.5 1.x
> http://secunia.com/product/2107/
> BitDefender for MS Exchange 2003 1.x
> http://secunia.com/product/5872/
> BitDefender for MS Exchange 2000 1.x
> http://secunia.com/product/2108/
> BitDefender Antivirus Standard 9.x
> http://secunia.com/product/9777/
> BitDefender Antivirus Standard 8.x
> http://secunia.com/product/4988/
> BitDefender Antivirus Professional Plus 8.x
> http://secunia.com/product/4987/
> BitDefender Mail Protection for Small Business 1.x
> http://secunia.com/product/5876/
> 
> DESCRIPTION:
> Sergio Alvarez has reported a vulnerability in BitDefender
> Anti-Virus, which can be exploited by malicious people to compromise
> a vulnerable system.
> 
> The vulnerability is caused due to an integer overflow within the
> AntiVirus engine when parsing certain packed PE files. This can be
> exploited to cause a heap-based buffer overflow via a specially
> crafted PE file.
> 
> Successful exploitation may allow execution of arbitrary code.
> 
> SOLUTION:
> Update to the latest version.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Sergio Alvarez, n.runs AG.
> 
> ORIGINAL ADVISORY:
> BitDefender:
> http://www.bitdefender.com/KB323-en--cevakrnl.xmd-vulnerability.html
> 
> Full-Disclosure:
> http://lists.grok.org.uk/pipermail/full-disclosure/2006-Decemb
> er/051319.html
>