IDA Kernel Database TIL Section Parsing Unspecified Issue

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an application installed that is affected by an
unspecified flaw.

Description :

The version of IDA Pro, an interactive disassembler installed on the
remote host, is 6.0 or newer. It is, therefore, reportedly affected by
an unspecified vulnerability.

This vulnerability is mitigated by an IDA plugin (tilcheck.plw), which
was not detected.

By tricking a user into loading a specially crafted IDB (IDA database)
file into IDA Pro, it may be possible for the attacker to have an
unspecified impact.

See also :

https://www.hex-rays.com/vulnfix.shtml

Solution :

Upgrade to 6.5 or 6.6 and download and install the tilcheck plugins
(and any other included files) from the link referenced.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.4
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 76166 ()

Bugtraq ID: 68055

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now