Signature Detail

HTTP: BitDefender Antivirus PDF Processing Memory Corruption1

There exists a memory corruption vulnerability in multiple BitDefender products. The vulnerability is due to boundary errors within the BitDefender PDF Scanner plugin pdf.xmd. A remote attacker can exploit this vulnerability by delivering a crafted PDF file to the vulnerable system, potentially causing arbitrary code to be injected and executed in the security context of the current user. In case of a successful code injection and execution attack, the behaviour of the target host is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the currently logged in user. If the code injection and execution fails, a denial of service might occur due to termination of the anti-virus process, or resource exhaustion when the attack results in an infinite loop in the code. Both cases might allow for further exploitation of the target system, exposing the system to other threats in absence of the Antivirus daemon.