Avast! Antivirus File Opening Insecure Library Loading Vulnerability (Win) Network Vulnerability

Summary

This host is installed with avast! AntiVirus and is prone to insecure library loading vulnerability.

Impact

Successful exploitation will allow the attackers to execute arbitrary code and conduct DLL hijacking attacks. Impact Level: Application

Solution

Upgrade to version 5.0.677 or later, For updates refer to http://www.avast.com/eng/download.html

Insight

The flaw is due to the application insecurely loading certain librairies from the current working directory, which could allow attackers to execute arbitrary code by tricking a user into opening a license file.

Affected

Avast! Antivirus version 5.0.594 and prior.

References

http://secunia.com/advisories/41109
http://www.exploit-db.com/exploits/14743/
http://www.vupen.com/english/advisories/2010/2175

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3126

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
Adobe Air Remote Code Execution Vulnerability -June13 (Windows)

Take action and discover your vulnerabilities