Avira Antivirus Remote Heap Underflow Vulnerability

Avira Antivirus is prone to a remote heap-underflow vulnerability.

Successfully exploiting this vulnerability may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts may likely result in denial-of-service conditions.

The issue is fixed in Avira antivirus 8.3.36.60.

Information

Bugtraq ID: 84841
Class: Boundary Condition Error
CVE: CVE-2016-10402

Remote: Yes
Local: No
Published: Mar 16 2016 12:00AM
Updated: Aug 22 2017 04:11PM
Credit: Tavis Ormandy.
Vulnerable: AVIRA Antivirus 0

Not Vulnerable: AVIRA Antivirus 8.3.36.60

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

Avira Homepage (Avira)
Avira: Heap underflow parsing PE section headers (Chromimum)

Source: www.securityfocus.com

Exploit Collector

Search Exploit