Avira Antivirus Remote Heap Underflow Vulnerability



Avira Antivirus is prone to a remote heap-underflow vulnerability.

Successfully exploiting this vulnerability may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts may likely result in denial-of-service conditions.

The issue is fixed in Avira antivirus 8.3.36.60.

Information

Bugtraq ID: 84841
Class: Boundary Condition Error
CVE: CVE-2016-10402

Remote: Yes
Local: No
Published: Mar 16 2016 12:00AM
Updated: Aug 22 2017 04:11PM
Credit: Tavis Ormandy.
Vulnerable: AVIRA Antivirus 0


Not Vulnerable: AVIRA Antivirus 8.3.36.60


Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Related Posts

Comments