Overflows hit NOD32

Posted by   Virus Bulletin on   May 23, 2007

Vulnerabilities disclosed after patching.

Two stack-overflow vulnerabilities have been disclosed in Eset's flagship NOD32 AntiVirus product, which could have been exploited to escalate privileges, or even execute code remotely and thus access a vulnerable system.

The overflow issues, which involve specially formatted pathnames which are not properly processed by the product when dealing with malware, were discovered by researcher Ismael Briones, and after initial reports to Eset are now being made public after successful patching in a very rapid turnaround.

The flaws are described as 'hard to exploit', and are thought unlikely to have been taken advantage of in the wild. Fixes for the product, released two weeks ago, should have been applied automatically during normal updates, but users are advised to ensure they are running the latest version of the product at all times.

Details of the flaws released by the researcher, without actual exploit code, are here, and a Secunia alert is here.

Posted on 23 May 2007 by Virus Bulletin



Latest posts:

VB2017 paper: The life story of an IPT - Inept Persistent Threat actor

At VB2017 in Madrid, Polish security researcher and journalist Adam Haertlé presented a paper about a very inept persistent threat. Today, we publish both the paper and the recording of Adam's presentation.

Five reasons to submit a VB2018 paper this weekend

The call for papers for VB2018 closes on 18 March, and while we've already received many great submissions, we still want more! Here are five reasons why you should submit a paper this weekend.

First partners of VB2018 announced

We are excited to announce the first six companies to partner with VB2018.

VB2018: looking for technical and non-technical talks

We like to pick good, solid technical talks for the VB conference programme, but good talks don't have to be technical and we welcome less technical submissions just as much.

Partner with VB2018 for extra visibility among industry peers

Partnering with the VB conference links your company to a successful and well-established event, demonstrates your commitment to moving the industry forward, allows you to meet potential clients, be visible to industry peers and build lasting…