BitDefenderAntivirus PDF Processing Memory Corruption Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2008 4565 Views

RISK: Medium Risk

Medium Risk

It has discovered a vulnerability in BitDefender Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the "pdf.xmd" module when processing data encoded using e.g. the "FlateDecode" and "ASCIIHexDecode" filters. This can be exploited to cause a memory corruption via a specially crafted PDF file.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in BitDefender Free Edition 10 updated 2008-11-21. Other versions may also be affected.

Impact

  • Remote Code Execution

System / Technologies affected

  • BitDefender Antivirus Standard 10and prior
  • BitDefender Free Edition 10and prior

Solutions

There is no official patch for this vulnerability now, please consider the following workaround.

  • Do not scan untrusted PDF files using BitDefender.

    • Vulnerability Identifier

    • No CVE information is available

    Source

    Related Link

    Share with

    Previous

    AppleiPhone / iPod touch Multiple Vulnerabilities

    24 Nov 2008 4574 Views

    Next

    Sun Java JDK / JRE Multiple Vulnerabilities

    5 Dec 2008 4494 Views

    We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

    PRIVACY POLICY