Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:AVAST-LHA |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Avast! Antivirus LHA Buffer Overflow |
Release Date |
2010/09/22 |
Update Number |
1777 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Avast! Antivirus LHA Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Avast! Antivirus Engine. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.
Extended Description
Avast! antivirus engine is prone to a buffer-overflow vulnerability in its LHA processing routines. A successful attack can allow a remote attacker to corrupt process memory by triggering an overflow condition in the LHA processing engine. This may lead to arbitrary code execution in the context of applications that use the vulnerable engine. This may result in a full computer compromise. Applications that use versions of Avast! antivirus engine earlier than 4.7.869 (for desktops) or 4.7.660 (for servers) are vulnerable to this issue.
Affected Products
- Avast! antivirus_home_edition 4.0.0
- Avast! antivirus_home_edition 4.6.0
- Avast! antivirus_home_edition 4.6.652
- Avast! antivirus_home_edition 4.6.655
- Avast! antivirus_home_edition 4.6.665
- Avast! antivirus_home_edition 4.6.691
- Avast! antivirus_home_edition 4.7.827
- Avast! antivirus_home_edition 4.7.844
- Avast! antivirus_professional_edition 4.0.0
- Avast! antivirus_professional_edition 4.6.0
- Avast! antivirus_professional_edition 4.6.603
- Avast! antivirus_professional_edition 4.6.652
- Avast! antivirus_professional_edition 4.6.665
- Avast! antivirus_professional_edition 4.6.691
- Avast! antivirus_professional_edition 4.7.827
- Avast! antivirus_professional_edition 4.7.844
- Avast! antivirus_server_edition 4.6.460
- Avast! antivirus_server_edition 4.6.489
- Bains_digital defender_mx
- Icewarp merak_mail_server 2.1.0 0.250
- Icewarp merak_mail_server 2.1.0 0.260
- Icewarp merak_mail_server 2.1.0 0.280
- Icewarp merak_mail_server 2.1.0 0.290
- Icewarp merak_mail_server 2.1.0 0.360
- Icewarp merak_mail_server 3.0.0 0.100
- Icewarp merak_mail_server 4.0.0 0.30
- Icewarp merak_mail_server 4.1.0 0.040
- Icewarp merak_mail_server 4.1.0 0.050
- Icewarp merak_mail_server 5.1.2
- Icewarp merak_mail_server 5.1.3
- Icewarp merak_mail_server 5.3.0 .0
- Icewarp merak_mail_server 5.3.2
- Icewarp merak_mail_server 6.0.7
- Icewarp merak_mail_server 6.1.0 .0
- Netwin surgemail 1.8.0 a
- Netwin surgemail 1.8.0 b3
- Netwin surgemail 1.8.0 d
- Netwin surgemail 1.8.0 e
- Netwin surgemail 1.8.0 g3
- Netwin surgemail 1.9.0
- Netwin surgemail 1.9.0 b2
- Netwin surgemail 2.0.0 a2
- Netwin surgemail 2.0.0 c
- Netwin surgemail 2.0.0 e
- Netwin surgemail 2.0.0 g2
- Netwin surgemail 2.1.0 a
- Netwin surgemail 2.1.0 c7
- Netwin surgemail 2.2.0 a6
- Netwin surgemail 2.2.0 c10
- Netwin surgemail 2.2.0 c9
- Netwin surgemail 2.2.0 g2
- Netwin surgemail 2.2.0 g3
- Netwin surgemail 3.0.0 a
- Netwin surgemail 3.0.0 c2
- Noticeware internet_anywhere_emailserver
- Paul_smith_computer_services vpop3_email_server
- Smartmax_software mailmax 1.0.0
- Smartmax_software mailmax 4.8.0
- Smartmax_software mailmax 5.0.0
- Smartmax_software mailmax 5.0.10 .6
- Smartmax_software mailmax 5.0.10 .7
- Smartmax_software mailmax 5.0.10 .8
- Smartmax_software mailmax 5.5.0
References
- BugTraq: 19903
- CVE: CVE-2006-4626