Secunia Advisory: SA19451 Print Advisory
Release Date: 2006-03-30
Critical:
Less critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: McAfee SecurityCenter 6.x
McAfee VirusScan 10.x
Select a product and view a complete list of all Patched/Unpatched
Secunia advisories affecting it.
CVE reference: CVE-2004-1094
Description:
A vulnerability has been discovered in McAfee VirusScan, which
potentially can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused due to a boundary error in a 3rd-party
compression library (DUNZIP32.dll) when processing virus definition
files. This can be exploited to cause a buffer overflow via a specially
crafted definition file.
The vulnerability is related to:
SA12869
Successful exploitation requires that the user is e.g. tricked into
updating the virus definition file from a malicious site.
The vulnerability has been reported in McAfee VirusScan version 10.0.21
included with McAfee SecurityCenter Agent version 6.0.0.16. Prior
versions may also be affected.
Solution:
Update to the fixed version of DUNZUIP32.dll via online update.
Provided and/or discovered by:
Originally discovered by eEye Digital Security and NGSSoftware in
RealPlayer and RealOne.
Reported in McAfee VirusScan by:
Juha-Matti Laurio
Original Advisory:
http://www.networksecurity.fi/advisories/mcafee-virusscan.html
Other References:
SA12869:
http://secunia.com/advisories/12869/
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
