McAfee.LHA.Type.2.File.Handling.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in the McAfee Antivirus Library.
The vulnerability is caused by a boundary check error in the LHA archive parser. An attacker may exploit this to execute arbitrary code.
Affected Products
McAfee Scan Engine 4320 with DAT version before 4436
Impact
Arbitrary code execution.
Recommended Actions
The vendor has released an updated scan engine in a DAT file to affected customers. It is reported that customers running the 4320 engine and DAT version prior to 4436 are prone to this issue; these customers are advised to contact the vendor for further information regarding obtaining an applying appropriate updates.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |