NOD32 4.2 LZH PoC exploit

Discussion in 'ESET NOD32 Antivirus' started by PhoenixUA, May 9, 2010.

Thread Status:
Not open for further replies.
  1. PhoenixUA

    PhoenixUA Registered Member

    Joined:
    Jul 16, 2008
    Posts:
    13
    http://securityreason.com/exploitalert/8213

    # ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64)
    # LZH archive parsing PoC exploit.
    #
    # Scanning of malicious file causes heap corruption in context
    # of the service process (ekrn.exe).

    When will be update?
     
    PhoenixUA, May 9, 2010
    #1
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    do you think they bothered to notify Eset of it before going public? That would be a responsible thing to do to protect the public
     
    Cudni, May 9, 2010
    #2
  3. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    A fix was issued around 12:30PM (PDT) on May 7, 2010 as a part of archive module 1114.

    I am not sure how notification was made, but tt is possible the person who found the issue contacted a reseller or distributor instead of ESET directly.

    Regards,

    Aryeh Goretsky
     
    agoretsky, May 11, 2010
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...