Signature Detail
Short Name |
HTTP:STC:DL:PANDA-ZOO-BO |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Panda Antivirus ZOO Archive Decompression Buffer Overflow |
Release Date |
2010/09/15 |
Update Number |
1773 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Panda Antivirus ZOO Archive Decompression Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Panda Antivirus. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the process's user.
Extended Description
Panda Software Antivirus products are prone to a heap overflow vulnerability. This issue is exposed when the antivirus library attempts to decompress ZOO archive files. Successful exploitation will result in execution of arbitrary code in the context of an affected application. The issue could affect desktop, gateway, and server antivirus applications on supported platforms. A number of third-party applications may also employ the affected library and could also be vulnerable. A conclusive list of affected products is not available at this time.
Affected Products
- Panda ActiveScan 5.0.0
- Panda Antivirus for NetWare 2.0.0
- Panda Antivirus Platinum 2.0.0
- Panda BusinesSecure Antivirus
- Panda ClientShield with TruPrevent Technologies
- Panda EnterpriSecure with TruPrevent Technologies
- Panda ExchangeSecure
- Panda FileSecure
- Panda FileSecure with TruPrevent Technologies
- Panda GateDefender
- Panda ISA Secure
- Panda Panda EnterpriSecure Antivirus
- Panda Platinum 2006 Internet Security
- Panda Security 3.0.0
- Panda Titanium
- Panda Titanium 2005 Antivirus
- Panda Titanium 2006 Antivirus + Antispyware
- Panda TruPrevent Personal 2005
- Panda TruPrevent Personal 2006
- Panda WebAdmin
References
- BugTraq: 15616
- CVE: CVE-2005-3922