F-Secure Anti-Virus for Linux CHM File Parsing Overflow

2005-10-10T03:59:06
ID OSVDB:19913
Type osvdb
Reporter OSVDB
Modified 2005-10-10T03:59:06

Description

Vulnerability Description

A remote overflow exists in F-Secure Anti-Virus for Linux. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, F-Secure has released a signature update to address this vulnerability.

Short Description

A remote overflow exists in F-Secure Anti-Virus for Linux. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.f-secure.com/ Secunia Advisory ID:17144 Other Advisory URL: http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0232.html ISS X-Force ID: 22564 CVE-2005-3664 Bugtraq ID: 15054