avast! CAB / SIS File Handling Buffer Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is susceptible to
buffer overflow attacks.

Description :

The remote host is running avast! Server Edition or Managed Client.

The version of the avast! product installed on the remote host is
reportedly prone to a heap-based overflow in its CAB and SIS file
processing code. An attacker may be able to exploit these issues to
execute arbitrary code on the remote host, likely with LOCAL SYSTEM
privileges.

See also :

http://seclists.org/bugtraq/2007/May/369
http://www.nessus.org/u?21384a15
http://www.avast.com/eng/adnm-management-client-revision-history.html

Solution :

Upgrade to avast! Server Edition 4.7.766 / avast! Managed Client
4.7.700 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25337 (avast_cab_sis_overflows.nasl)

Bugtraq ID: 24132
24155

CVE ID: CVE-2007-2845
CVE-2007-2846

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now