Integer overflow in the packed PE file parsing implementation in BitDefender products prior to 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote malicious users to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
softwin bitdefender antivirus |
||
softwin bitdefender antivirus plus |
||
softwin bitdefender isa_server |
||
softwin bitdefender online scanner |
||
softwin bitdefender ms_exchange_2000 |
||
softwin bitdefender ms_exchange_2003 |
||
softwin bitdefender ms_exchange_5.5 |
||
softwin bitdefender internet security |
||
softwin bitdefender mail protection enterprises |