Dear visitor, Welcome to Avira Support Forum. If this is your first visit here, please read the Help. It explains how this page works. You must be registered before you can use all the page's features. Please use the registration form to register here or read more information about the registration process. If you are already registered, please login here.
Avira AntiVir Vulnerabilities
Within this thread vulnerabilites confirmed by Avira are released to the public.
Patrick Lichtner
Avira GmbH
Access violation in LZH archives
Description:
Buffer overflow in specially crafted archives.
Fixed with:
AVPack >= 7.03.00.09
The fixed version was shipped to all customers via update at 2007-05-23 12:35 pm.
Credits:
Avira GbmH thanks Sergio 'shadown' Alvarez of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
Divide by zero's in UPX files
Description:
Bug in engine
Fixed with:
Engine >= 7.04.00.24
The fixed versions were shipped to all customers via update at 2007-05-23 12:35 pm.
Credits:
Avira GbmH thanks Sergio 'shadown' Alvarez of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
Infinite loop in TAR archives
Descrition:
Endless loop, we tried to seek above the 4GB treshold.
Fixed with:
AVPack >= 7.03.00.09
The fixed versions were shipped to all customers via update at 2007-05-23 12:35 pm.
Credits:
Avira GbmH thanks Sergio 'shadown' Alvarez of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
AVPack aborts extraction because of invalid packed size archives
Description:
AVPack aborts extraction because of invalid packed size archives
Fixed with:
AVPack >= 7.3.0.10
The fixed version was shipped to all customers via update at 2007-05-30 15:37 pm.
Credits:
Avira GbmH thanks Thierry Zoller of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
Problems when parsing manipulated RAR archives (support for high version numbers)
Description:
AVPack aborts extraction when parsing manipulated RAR archives (support for high version numbers incl. 36)
Fixed with:
AVPack >= 7.3.0.12
The fixed version was shipped to all customers via update at 2007-06-13 11:39 am.
Credits:
Avira GbmH thanks Thierry Zoller of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
CAB: Extraction aborted because of invalid version number
Description:
AVPack aborts extraction when the cab version number is invalid.
Fixed with:
AVPack >= 7.3.0.12
The fixed version was shipped to all customers via update at 2007-06-13 11:39 am.
Credits:
Avira GbmH thanks Thierry Zoller of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
CAB: Extraction aborted because of manipulated CAB archives
Description:
AVPack aborts extraction when the number of folders is manipulated (integrity of folder entities)
Fixed with:
AVPack >= 7.3.0.12
The fixed version was shipped to all customers via update at 2007-06-13 11:39 am.
Credits:
Avira GbmH thanks Thierry Zoller of n.runs for bringing this issue to our attention.
Patrick Lichtner
Avira GmbH
Thursday, September 2nd 2010, 9:11pm UTC+2
