Avira AntiVir Multiple File Parsing Code Execution and Denial of Service Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-1971
CVE ID : CVE-2007-2972 - CVE-2007-2973 - CVE-2007-2974
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-05-28
Technical Description
Multiple vulnerabilities have been identified in Avira AntiVir, which could be exploited by attackers or malware to take complete control of an affected system or cause a denial of service.
The first issue is caused by a buffer overflow error when processing malformed LZH archives, which could be exploited by attackers to execute arbitrary commands by tricking a system protected by a vulnerable application into scanning a malicious file.
The second vulnerability is due to a division by zero error when handling a malformed UPX file, which could be exploited by attackers to crash a vulnerable application, creating a denial of service condition.
The third issue is caused by an infinite loop when processing malformed TAR archives, which could be exploited by attackers to exhaust all available memory resources, creating a denial of service condition.
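As an added illustration of the third bug class (not Avira's code; the advisory does not state the root cause), the C sketch below walks TAR headers the way a scanner might while guaranteeing termination on malformed input: the size field is strictly validated, every step advances by at least one 512-byte block, the step is bounded by the remaining input, and the entry count is capped. The names `tar_size`, `tar_walk`, `walk_constructed` and the limit `TAR_MAX_ENTRIES` are hypothetical, and header checksum validation is omitted.

```c
#include <stdint.h>
#include <string.h>

#define TAR_BLOCK 512u
#define TAR_MAX_ENTRIES 100000L   /* assumed scanner policy cap, not from the advisory */

/* Parse the 12-byte octal size field at header offset 124; -1 if malformed. */
static int64_t tar_size(const unsigned char *f)
{
    uint64_t v = 0;
    size_t i = 0;
    while (i < 12 && f[i] == ' ') i++;                 /* leading padding */
    if (i == 12 || f[i] < '0' || f[i] > '7') return -1;
    for (; i < 12 && f[i] >= '0' && f[i] <= '7'; i++)
        v = (v << 3) | (uint64_t)(f[i] - '0');         /* at most 36 bits */
    for (; i < 12; i++)
        if (f[i] != ' ' && f[i] != '\0') return -1;    /* junk after digits */
    return (int64_t)v;
}

/* Walk all entries; return the entry count, or -1 if the archive is malformed. */
long tar_walk(const unsigned char *buf, size_t len)
{
    static const unsigned char zero[TAR_BLOCK];
    size_t off = 0;                                    /* invariant: off <= len */
    long entries = 0;
    while (len - off >= TAR_BLOCK) {
        const unsigned char *hdr = buf + off;
        if (memcmp(hdr, zero, TAR_BLOCK) == 0)
            return entries;                            /* end-of-archive marker */
        int64_t size = tar_size(hdr + 124);
        if (size < 0) return -1;
        /* Payload is padded to a block boundary; 64-bit math cannot wrap here. */
        uint64_t padded = ((uint64_t)size + TAR_BLOCK - 1) & ~(uint64_t)(TAR_BLOCK - 1);
        if (padded + TAR_BLOCK > len - off) return -1; /* size exceeds the input */
        off += (size_t)(padded + TAR_BLOCK);           /* always moves >= 512 bytes */
        if (++entries > TAR_MAX_ENTRIES) return -1;    /* bound total work */
    }
    return off == len ? entries : -1;                  /* reject trailing partial block */
}

/* Constructed sample: one header with the given size field in a 2048-byte buffer. */
long walk_constructed(const char *size_field)
{
    unsigned char a[4 * TAR_BLOCK] = {0};
    a[0] = 'f';                                        /* one-character entry name */
    strncpy((char *)a + 124, size_field, 12);
    return tar_walk(a, sizeof a);
}
```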