Описание
Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.6.460 (включая)Версия до 4.6.763 (включая)
Одно из
cpe:2.3:a:alwil:avast_antivirus:*:*:server:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:*:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.168:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.172:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.183:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.202:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.211:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.229:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.0.235:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.260:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.268:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.278:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.287:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.289:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.304:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.319:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.335:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.342:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.357:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.389:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.396:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.412:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.418:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.1.501:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.5.518:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.5.549:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.5.561:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.6.603:*:*:*:*:*:*:*
cpe:2.3:a:alwil:avast_antivirus:4.6.623:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05886
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow.
EPSS
Процентиль: 90%
0.05886
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other