IDA Pro Multiple Memory Corruption Vulnerabilities

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an application installed that is affected by
memory corruption vulnerabilities.

Description :

The version of IDA Pro, an interactive disassembler installed on the
remote host, is 6.5 or 6.6. It is, therefore, affected by memory
corruption vulnerabilities.

These vulnerabilities are mitigated by updated IDA loaders, which were
not detected.

By tricking a user into loading a specially crafted IDB (IDA database)
file into IDA Pro, an attacker can cause a denial of service or
execute arbitrary code or have other unspecified impact.

See also :

https://www.hex-rays.com/vulnfix.shtml

Solution :

Install the fix provided by the vendor.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)

Family: Windows

Nessus Plugin ID: 77750 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now