[virusinfo] [SA11312] Panda ActiveScan Control "Internacional" Property Heap Overflow Vulnerability

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Wed, 07 Apr 2004 10:49:26 -0700


From; Secunia Security Advisories:

TITLE:
Panda ActiveScan Control "Internacional" Property Heap Overflow
Vulnerability

SECUNIA ADVISORY ID:
SA11312

VERIFY ADVISORY:
http://secunia.com/advisories/11312/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Panda ActiveScan Control 1.x

DESCRIPTION:
Rafel Ivgi has discovered a vulnerability in Panda ActiveScan
Control, which can be exploited by malicious people to compromise a
user's system.

The Panda ActiveScan Control is a component installed by Panda
ActiveScan on a user's system the first time an online scanning is
performed. The vulnerability is caused due to a boundary error within
the "ReportHebrew" object, which can be exploited to cause a heap
overflow by passing an overly long string to the "Internacional"
property.

Successful exploitation may allow execution of arbitrary code on a
user's system by e.g. tricking the user into visiting a malicious
website.

SOLUTION:
Delete the ActiveX component ("ascontrol.dll") from systems that have
been scanned by the online ActiveScan scanner.

PROVIDED AND/OR DISCOVERED BY:
Rafel Ivgi

ORIGINAL ADVISORY:
http://theinsider.deep-ice.com/texts/advisory53.txt

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] [SA11312] Panda ActiveScan Control "Internacional" Property Heap Overflow Vulnerability
  1. Home
  2. virusinfo
  3. Archive
  4. 04-2004