Hey folks. For anyone out there that happens to be using the AVG product please be aware that there are new problems that have been posted by the folks at Secunia. The long and the short of it is that this vulnerability can potentially result in system access from remote.
From Secunia:
Description:
Sergio Alvarez has reported some vulnerabilities in AVG Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1) An integer overflow error when parsing CAB archives can be exploited to cause a heap-based buffer overflow via a specially crafted CAB archive.
2) An unspecified error when parsing RAR archives can be exploited to cause a heap-based buffer overflow via a specially crafted RAR archive.
3) An uninitialized variable error exists within the parsing of CAB archives.
4) A division by zero error when parsing DOC files may in certain cases cause a DoS via a specially crafted DOC file.
5) An unspecified error exists within the parsing of EXE files.
The vulnerabilities are reported in AVG Antivirus software versions prior to 7.1.407.
Solution:
Update to the latest version.
Tags: AVG Antivirus, Vulnerability, DoS, Remote Access
