TITLE:
McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA19451

VERIFY ADVISORY:
http://secunia.com/advisories/19451/

CRITICAL:
Less critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
McAfee VirusScan 10.x
http://secunia.com/product/9052/
McAfee SecurityCenter 6.x
http://secunia.com/product/6437/

DESCRIPTION:
A vulnerability has been discovered in McAfee VirusScan, which 
potentially can be exploited by malicious people to compromise 
a user's system.

The vulnerability is caused due to a boundary error in a 
3rd-party compression library (DUNZIP32.dll) when processing 
virus definition files. This can be exploited to cause a buffer 
overflow via a specially crafted definition file.

The vulnerability is related to:
SA12869

Successful exploitation requires that the user is, e.g., tricked
into updating the virus definition file from a malicious site.

The vulnerability has been reported in McAfee VirusScan version 
10.0.21 included with McAfee SecurityCenter Agent version 
6.0.0.16.  Prior versions may also be affected.

SOLUTION:
Update to the fixed version of DUNZIP32.dll via online update.

ORIGINAL ADVISORY:
http://www.networksecurity.fi/advisories/mcafee-virusscan.html

OTHER REFERENCES:
SA12869:
http://secunia.com/advisories/12869/