CA Vet Scan Engine < 11.9.1 Library Remote Heap Overflow
Critical Nessus Plugin ID 20174
SynopsisThe remote antivirus application allows execution of arbitrary code.
DescriptionThe remote host is running a version of CA Vet Scan Engine that is vulnerable to heap overflow. An attacker may exploit this flaw to execute arbitrary code on the remote host with the privileges of a local administrator or to disable the remote service remotely.
To exploit this flaw, an attacker would need to send a specially- crafted file to the remote antivirus library.
SolutionInstall the latest virus definitions and ensure that the Vet engine is version 11.9.1 or later.