Published:2005/03/18 Last Updated:2008/05/21
JVN#1F649902
McAfee VirusScan Engine buffer overflow vulnerability
Overview
McAfee VirusScan Engine contains a buffer overflow vulnerability.
Products Affected
- Scan Engine v.4320 (any McAfee Antivirus products using the 4320 engine with DAT version less than 4436)
Description
Impact
A buffer overflow may occur when scanning a malformed LHA file.
Solution
Vendor Status
| Vendor | Link |
| McAfee Co., Ltd. |
http://www.mcafeesecurity.com/japan/announcement/vulnerability.asp |
References
- ISS X-Force Advisories: McAfee AntiVirus Library Stack Overflow
By crafting an LHA file, an attacker is able to trigger a stack overflow - Internet Security Systems
http://www.isskk.co.jp/support/techinfo/general/mcafee_190.html - US-CERT Vulnerability Note VU#361180
McAfee Scan Engine vulnerable to buffer overflow in LHA decoder
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports |
JPCERT-WR-2005-1201 JPCERT/CC REPORT 2005-03-24 |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE |
CVE-2005-0643 CVE-2005-0644 |
| JVN iPedia |
JVNDB-2005-000759 |