29 May 2007, 10:42

Further vulnerabilities in anti-virus software

Having reported on Avast's anti-virus software, Sergio Alvarez from security company n.runs now seems to have turned his attention to Avira's Antivir product, in which he has discovered a number of security-related vulnerabilities. A buffer overflow which can be used to inject and execute code can occur when processing LZH compressed files. A division by zero can occur with UPX files and TAR files can cause the software to enter an infinite loop.

Avira has, however, been quick to react. Less than two weeks after being notified by Alvarez, the vendor has distributed AVPack version 7.03.00.09 and a new engine version 7.04.00.24, which fix the problem, to all customers.

Channels

Services

Further vulnerabilities in anti-virus software

Also on The H:

Content Security Policy halts XSS in its tracks

Skype's ominous link checking: Facts and speculation

Password protection for everyone

Two clicks for more privacy

What's new in SUSE Linux Enterprise 11 SP3

What's new in Fedora 19

What's new in Linux 3.10

Free Software post-PRISM

Kernel Log: Coming in 3.10 (Part 4) - Drivers

The trouble with "Business Source"

Kernel Log: Coming in 3.10 (Part 3) - Infrastructure

Whatever happened to Google?

Java EE 7 at a glance

Continuous database migration with Liquibase and Flyway

Unit testing with Node.js

Ruby 2.0 - the 20th birthday present

Linux Mint 15: A better Ubuntu for the desktop

What's new in Linux 3.9

Replacing Google Reader

Attacking TrueCrypt

The H

The H Open

The H Security

The H Developer

The H Internet Toolkit