CERTA-2007-AVI-307

Vulnerability from certfr_avis - Published: 2007-07-12 - Updated: 2007-07-12

Plusieurs vulnérabilités présentes dans AVG Antivirus permettent à un utilisateur local d'élever ses privilèges, de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

Deux erreurs ont été identifiées dans AVG Antivirus :

  • la première concerne la mise en œuvre de l'analyse des fichiers au format RAR et permettrait de provoquer un déni de service de l'application vulnérable ;
  • la seconde est relative à un manque de contrôle sur un appel système mis à disposition par le pilote AVG7CORE.SYS. Elle permettrait à un utilisateur local d'écraser des zones arbitraires de mémoire en espace noyau.

Solution

La version 7.5 build 476 de AVG Antivirus corrige le problème :

http://free.grisoft.com/doc/downloads-products/us/frt/0?prd=aff

http://www.grisoft.com/doc/31/us/crp/0?prd=avw
None
Impacted products
Vendor Product Description
N/A N/A AVG Anti-Virus Professional ;
N/A N/A AVG Anti-Virus Free Edition 7.x ;
N/A N/A AVG Antivirus Server.
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "AVG Anti-Virus Professional ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "AVG Anti-Virus Free Edition 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "AVG Antivirus Server.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux erreurs ont \u00e9t\u00e9 identifi\u00e9es dans AVG Antivirus :\n\n-   la premi\u00e8re concerne la mise en \u0153uvre de l\u0027analyse des fichiers au\n    format RAR et permettrait de provoquer un d\u00e9ni de service de\n    l\u0027application vuln\u00e9rable ;\n-   la seconde est relative \u00e0 un manque de contr\u00f4le sur un appel syst\u00e8me\n    mis \u00e0 disposition par le pilote AVG7CORE.SYS. Elle permettrait \u00e0 un\n    utilisateur local d\u0027\u00e9craser des zones arbitraires de m\u00e9moire en\n    espace noyau.\n\n## Solution\n\nLa version 7.5 build 476 de AVG Antivirus corrige le probl\u00e8me :\n\n    http://free.grisoft.com/doc/downloads-products/us/frt/0?prd=aff\n\n    http://www.grisoft.com/doc/31/us/crp/0?prd=avw\n",
  "cves": [],
  "initial_release_date": "2007-07-12T00:00:00",
  "last_revision_date": "2007-07-12T00:00:00",
  "links": [
    {
      "title": "Site de AVG Antivirus :",
      "url": "http://www.grisoft.com"
    },
    {
      "title": "Note de sortie de la version 7.5 build 476 de AVG    Antivirus :",
      "url": "http://free.grisoft.com/doc/29919/us/frt/0"
    }
  ],
  "reference": "CERTA-2007-AVI-307",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans AVG Antivirus permettent \u00e0 un\nutilisateur local d\u0027\u00e9lever ses privil\u00e8ges, de provoquer un d\u00e9ni de\nservice ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de AVG Antivirus",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de sortie de la version 7.5 build 476 de AVG Antivirus",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.