Security hole in Panda's online virus scanner
Panda's online virus scanner installs ActiveX modules that attackers could exploit through specially crafted websites. Secunia has reported vulnerabilities in these ActiveX modules that allow attackers to plant arbitrary malicious code on affected systems.
The Panda scanner's ActiveScan.1 ActiveX control accounts for two of the vulnerabilities. Calling its Reinicializar() function reboots the computer without asking the user for confirmation. Its Analizar() function is not thread-safe – several variables and pointers are kept in shared memory – so calling the function repeatedly can create what is known as a race condition, which can corrupt memory and lead to the execution of injected code.
Less critical is the hole in the ObtenerTamano() function of the PAVPZ.SOS.1 ActiveX component. It returns the size of a specified local file, from which attackers could infer whether particular file versions are present on the system. Panda has since released updated ActiveX modules; visitors should install them as soon as possible by visiting the site and launching a scan with the online scanner.
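For administrators who want to verify the state of affected machines, the following PowerShell script is an added example (not part of the article and not Panda's own tooling): it takes the two ProgIDs named above, resolves them to their CLSIDs, reports which DLL and file version back each control, and checks whether Internet Explorer's kill bit has been set for it. The registry locations are the standard Windows ones for COM registration and IE's ActiveX Compatibility flags; the file version is shown only so it can be compared against Panda's updated modules.

```powershell
# Added example: report registration, backing DLL and IE kill-bit state for the
# two Panda ActiveX controls named in the advisory. ProgIDs come from the article;
# CLSIDs are resolved from the registry on the machine the script runs on.
$progIds = @('ActiveScan.1', 'PAVPZ.SOS.1')
$killBit = 0x400   # bit in "Compatibility Flags" that stops IE from loading a control

foreach ($progId in $progIds) {
    $clsidKey = "Registry::HKEY_CLASSES_ROOT\$progId\CLSID"
    if (-not (Test-Path $clsidKey)) {
        Write-Output "$progId : not registered (control not installed)"
        continue
    }
    $clsid = (Get-ItemProperty -Path $clsidKey).'(default)'

    # Which DLL serves the control, and which file version it carries.
    $serverKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InProcServer32"
    $dll = '<unknown>'
    $version = 'n/a'
    if (Test-Path $serverKey) {
        $dll = (Get-ItemProperty -Path $serverKey).'(default)'
        if (Test-Path $dll) {
            $version = (Get-Item $dll).VersionInfo.FileVersion
        }
    }

    # IE honours the kill bit under this key; on 64-bit Windows the 32-bit IE
    # reads the Wow6432Node copy, so both locations are checked.
    $compatKeys = @(
        "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid",
        "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
    )
    $blocked = $false
    foreach ($compatKey in $compatKeys) {
        if (Test-Path $compatKey) {
            $flags = [int](Get-ItemProperty -Path $compatKey -ErrorAction SilentlyContinue).'Compatibility Flags'
            if (($flags -band $killBit) -ne 0) { $blocked = $true }
        }
    }

    $state = if ($blocked) { 'SET' } else { 'NOT set' }
    Write-Output ("{0} : CLSID {1}, file {2} (version {3}), kill bit {4}" -f $progId, $clsid, $dll, $version, $state)
}
```

A control that is registered, carries a pre-update file version and has no kill bit set is the case an administrator would want to act on.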
- Panda ActiveScan Multiple Vulnerabilities, security advisory from Secunia
- Panda ActiveScan homepage, with updated ActiveX modules