Heap-based Buffer Overflow in Avast! Anti-Virus Managed Client
CVE-2007-2845

Currently unrated

Key Information:

Vendor: Avast
Status: Avast Antivirus
Vendor: CVE Published:; 24 May 2007

What is CVE-2007-2845?

The Avast! Anti-Virus Managed Client is susceptible to a heap-based buffer overflow vulnerability due to improper handling of crafted CAB archives. This issue arises from an integer cast error, which can potentially allow remote attackers, with user assistance, to execute arbitrary code. Users are advised to update to version 4.7.700 or later to mitigate this risk.

References

http://marc.info/?l=full-disclosure&m=118000321419384&w=2

mailing-listx_refsource_FULLDISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/34477

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/469469/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 24, 2007
Vulnerability Reserved
May 24, 2007