Release date:
Updated on:
Affected Systems:
AVIRA AntiVir 14.x
AVIRA AntiVir
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63466
Avira AntiVir is a German antivirus software.
Avira Internet Security 14 and other versions of Avipbb. sys drivers have a boundary error when processing 0x222450 IOCTL, which can cause a buffer overflow in the kernel pool. Local users can exploit this vulnerability to escalate permissions.
<* Source: Ahmad Moghimi
Link: http://forums.cnet.com/7726-6132_102-5513670.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
AVIRA
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.avira.com/
Refer:
Http://mallocat.com/another-journey-to-antivirus-escalation/
Http://secunia.com/advisories/55412/