HTTP: Panda Antivirus ZOO Archive Decompression Buffer Overflow

This signature detects attempts to exploit a known vulnerability in Panda Antivirus. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the process's user.

Extended Description

Panda Software Antivirus products are prone to a heap overflow vulnerability. The issue is exposed when the antivirus library attempts to decompress ZOO archive files. Successful exploitation will result in execution of arbitrary code in the context of an affected application. The issue could affect desktop, gateway, and server antivirus applications on supported platforms. A number of third-party applications may employ the affected library and could also be vulnerable. A conclusive list of affected products is not available at this time.

Affected Products

Panda exchangesecure

References

BugTraq: 15616

CVE: CVE-2005-3922

Short Name
HTTP:STC:DL:PANDA-ZOO-BO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Antivirus Archive Buffer CVE-2005-3922 Decompression Overflow Panda ZOO bid:15616
Release Date
09/15/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Panda

CVSS Score

7.5
