Secunia Research has discovered a vulnerability in AhnLab V3 Antivirus, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the archive decompression library when reading the filename of a compressed file from an ALZ, UUE or XXE archive. This can be exploited to cause a stack-based buffer overflow (ALZ), or a heap-based buffer overflow (UUE/XXE), when a malicious ALZ/UUE/XXE archive is scanned.
Successful exploitation allows arbitrary code execution, but requires that compressed file scanning is enabled.
The vulnerability has been confirmed in the following products:
* AhnLab V3Pro 2004 (AhnLab V3 VirusBlock 2005 international) (Build 18.104.22.1687)
* AhnLab V3Net for Windows Server 6.0 (Build 22.214.171.1247)
* AhnLab MyV3 with AzMain.dll 126.96.36.199
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org