HTTP: Avast! Antivirus LHA Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Avast! Antivirus Engine. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.

Extended Description

The Avast! antivirus engine is prone to a buffer-overflow vulnerability in its LHA processing routines. A successful attack can allow a remote attacker to corrupt process memory by triggering an overflow condition in the LHA processing engine. This may lead to arbitrary code execution in the context of applications that use the vulnerable engine, and may result in a full computer compromise. Applications that use versions of the Avast! antivirus engine earlier than 4.7.869 (for desktops) or 4.7.660 (for servers) are vulnerable to this issue.

Affected Products

Netwin surgemail

References

BugTraq: 19903

CVE: CVE-2006-4626

Short Name: HTTP:STC:DL:AVAST-LHA

Severity: Major

Recommended: False

Recommended Action: Drop

Category: HTTP

Keywords: Antivirus Avast! Buffer CVE-2006-4626 LHA Overflow bid:19903

Release Date: 09/22/2010

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336

False Positive: Unknown

Vendors

Smartmax_software

Paul_smith_computer_services

Avast!

Icewarp

Bains_digital

Noticeware

Netwin

CVSS Score: 7.5
