Friday, December 19, 2008 9:57 AM
cmosby
BitDefender Antivirus Scanner for Unices PE File Parsing Integer Overflows - Secunia
BitDefender Antivirus Scanner for Unices PE File Parsing Integer Overflows
Secunia Advisory:
SA33240
Release Date:
2008-12-19
Popularity:
201 views
Critical:
Highly critical
Impact:
System access
Where:
From remote
Solution Status:
Vendor Patch
Software:
BitDefender Antivirus Scanner for Unices 7.x
Subscribe:
Instant alerts on relevant vulnerabilities 
Description:
Some vulnerabilities have been reported in BitDefender, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to integer overflows when processing certain PE files packed with NeoLite or ASProtect. This can potentially be exploited to execute arbitrary code via specially crafted PE files.
The vulnerabilities are reported in version 7.60825 and prior. Other versions may also be affected.
Solution:
Reportedly fixed via automatic updates since September 24, 2008.
Provided and/or discovered by:
Jonathan Brossard, iViZ Techno Solutions Pvt. Ltd.
Original Advisory:
http://www.ivizsecurity.com/security-advisory-iviz-sr-08012.html
Filed under: Patch Management, AntiVirus Information, Security