CVE-2007-2846

avast! Anti-Virus Managed Client <4.7.700 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34501
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24155
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=118007660813710&w=2
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/125868
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36522
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/469585/100/0/threaded
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1935

Scores

EPSS 0.0774
EPSS Percentile 94.0%

Details

CWE
CWE-119
Status published
Products (2)
avas\!t/avast\!_antivirus 4.6.394
avast\!/avast\!_antivirus < 4.7.652
Published May 24, 2007
Tracked Since Feb 18, 2026