McAfee.LHA.Type.2.File.Handling.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in the McAfee Antivirus Library.
The vulnerability is caused by a boundary check error in the LHA archive parser. An attacker may exploit this to execute arbitrary code.

affected-products-logoAffected Products

McAfee Scan Engine 4320 with DAT version before 4436

Impact logoImpact

Arbitrary code execution.

recomended-action-logoRecommended Actions

The vendor has released an updated scan engine in a DAT file to affected customers. It is reported that customers running the 4320 engine and DAT version prior to 4436 are prone to this issue; these customers are advised to contact the vendor for further information regarding obtaining an applying appropriate updates.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)