Vulnerabilities disclosed after patching.
Two stack-overflow vulnerabilities have been disclosed in
Eset
‘s flagship
NOD32 AntiVirus
product, which could have been exploited to escalate privileges, or even execute code remotely and thus access a vulnerable system.
The overflow issues, which involve specially formatted pathnames which are not properly processed by the product when dealing with malware, were discovered by researcher Ismael Briones, and after initial reports to
Eset
are now being made public after successful patching in a very rapid turnaround.
The flaws are described as ‘hard to exploit’, and are thought unlikely to have been taken advantage of in the wild. Fixes for the product, released two weeks ago, should have been applied automatically during normal updates, but users are advised to ensure they are running the latest version of the product at all times.
Details of the flaws released by the researcher, without actual exploit code, are
here
, and a
Secunia
alert is
here
.
Posted on 23 May 2007 by
Virus Bulletin
Leave a Reply