VB Migration

Tag: buffer overflow

  • Kaspersky fixes serious vulnerability in Online Scanner

    Exploitable ActiveX control replaced in new version. Kaspersky Lab has released an updated version of its popular free online scanner to remedy a vulnerability in an ActiveX control used by the scanning system. The format string flaw, in the ‘kavwebscan’ ActiveX control, could be exploited by a malicious web page to cause a buffer overflow…

  • Series of products hit by vulnerabilities

    Researcher finds flaws in ESET, Panda and Norman AV software. Researcher Sergio Alvarez has reported on vulnerabilities found in a string of anti-virus products this week, with software ranges from ESET , Panda and Norman all hit by serious buffer-overflow flaws, allowing remote access if exploited. The ESET problems involve the handling of CAB archives…

  • Serious holes in Yahoo! Messenger

    Critical vulnerabilities fully disclosed. Two security flaws in the popular Yahoo! Messenger communications software have been reported, with full details available online before a fixed version of the product became available. Initial reports of the flaws, both buffer overflow issues in ActiveX controls used by the software, imply they are simple to exploit, with in-depth…

  • CA struck by vulnerability

    CAB handling issue affects swathe of products. Two flaws related to the handling of CAB archive files by the CA anti-virus engine have been reported, rendering products across CA ‘s range vulnerable exploitation allowing remote access to affected systems. One flaw is a buffer overflow caused by excessively long filenames within CAB archives, while the…

  • Overflows hit NOD32

    Vulnerabilities disclosed after patching. Two stack-overflow vulnerabilities have been disclosed in Eset ‘s flagship NOD32 AntiVirus product, which could have been exploited to escalate privileges, or even execute code remotely and thus access a vulnerable system. The overflow issues, which involve specially formatted pathnames which are not properly processed by the product when dealing with…

  • Latest flaws affect AV giants

    Symantec, McAfee and CA all patch vulnerabilities. Three of the biggest names in the security sector, McAfee , Symantec and CA , have all revealed details of flaws in their software which have been discovered and patched in recent months. The most severe vulnerability was suffered by a wide range of McAfee products, including its…