Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4786

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2005-4786
Last Modified 07 Mar 2011 09:29:00
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-4786

Summary

Buffer overflow in the archive decompression library (vrAZMain.dll 5.8.22.137), as used in HAURI anti-virus products including (1) ViRobot Expert 4.0, (2) ViRobot Advanced Server, and (3) HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a long filename.

Vulnerable Systems

Application

  • Hauri Livecall

  • Hauri Virobot Advanced Server

  • Hauri Virobot Expert 4.0

  • Hauri Virobot Linux Server 2.0

  • Hauri Vrazmain.dll 5.8.22.137


References

BID - 15045

OSVDB - 19878

SECTRACK - 1015019

SECTRACK - 1015018

MISC - http://secunia.com/secunia_research/2005-47/advisory/

SECUNIA - 16852

FULLDISC - 20061006 Secunia Research: HAURI Anti-Virus ALZ Archive Handling Buffer Overflow

XF - hauri-alz-filename-bo(22535)

VUPEN - ADV-2005-1978


Last Updated: 27 May 2016 10:41:26