Avira AntiVir File Handling Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
multiple issues.

Description :

The remote host is running Avira AntiVir, an antivirus software
application.

The version of AntiVir installed on the remote host is reportedly
prone to a buffer overflow in its LZH file processing code as well as
denial of service vulnerabilities when parsing UPX and TAR files. An
attacker may be able to exploit these issues to execute arbitrary code
on the remote host, likely with LOCAL SYSTEM privileges, to crash the
remote antivirus engine, or to cause the CPU to enter an endless loop.

See also :

http://seclists.org/fulldisclosure/2007/May/506
http://seclists.org/fulldisclosure/2007/May/512
http://seclists.org/fulldisclosure/2007/May/545
http://www.nessus.org/u?f04e4f51

Solution :

Use AntiVir's Update feature to upgrade to the latest version.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25348 (avira_file_vulns.nasl)

Bugtraq ID: 24187
24239

CVE ID: CVE-2007-2972
CVE-2007-2973
CVE-2007-2974

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now