McAfee Virus Scan vulnerability for archievd files corrected
Posted
Sat, Mar 19 2005 20:51
by
Harry Waldron
A vulnerability for McAfee's Virus has been discovered when can be triggered by scanning a specially crafted archieved file. This can be corrected by using the latest DAT files and engine.
http://isc.sans.org/diary.php?date=2005-03-18
http://xforce.iss.net/xforce/alerts/id/190
http://www.auscert.org.au/render.html?it=4908
McAfee AntiVirus Library Stack Overflow
The ISS X-Force has another notch in their belt today, releasing information about a flaw they have discovered in AntiVirus Library versions prior to 4400. To exploit this vulnerability, an attacker is required to craft a custom LHA Archive file which will allow the attacker to run arbitrary code on the McAfee protected system when the file is scanned for viruses.