Multiple AV vendor vulns - archived

[AplusWebMaster]

FYI...

Symantec SYM09-010 - Symantec Products KeyView XLS Processing Buffer Overflow
- http://secunia.com/advisories/36421/2/
Release Date: 2009-08-26
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
OS: Symantec Brightmail Gateway 8.x, Symantec Mail Security Appliance 5.0.x ...
Solution: Please see the vendor advisory for a patch matrix.
Symantec (SYM09-010): http://preview.tinyurl.com/mp5rza ...

Norton 2009 product or Norton 360 Version 3.0 - Error: "Symantec Service Framework has encountered a problem and needs to close..." after you install the latest updates
- http://www.symantec.com/norton/suppo...090821103237EN
Last modified: 08/25/2009 - "Download and run the fix tool
1. Download the fix tool*.
Save the file to the Windows desktop.
DOWNLOAD
2. On the Windows desktop, double-click KB20090821103237EN.exe.
3. In the Open File - Security Warning window, click Run.
4. In the Norton Hotfix window, click Yes.
5. Accept the license agreement, and click OK.
6. Follow the on-screen instructions.
Restart your computer... In some cases you may need to restart the computer twice to apply the hotfix correctly. After you run the fix tool and restart the computer, if you still see this error message, restart the computer once again.
DOCID: 20090821103237EN
Operating System: Windows Vista, Windows XP
* ftp://ftp.symantec.com/public/englis...21103237EN.exe

[AplusWebMaster]

FYI...

avast! vuln - update available
- http://secunia.com/advisories/36858/2/
Last Update: 2009-09-25
Impact: Privilege escalation, DoS
Where: Local system
Solution Status: Vendor Patch
Solution: Update to version 4.8.1356...
Original Advisory: avast!:
http://www.avast.com/eng/avast-4-hom...n-history.html

[AplusWebMaster]

FYI...

CA Anti-Virus Engine - CA20091008-01
- http://support.ca.com/irj/portal/ano...ntentID=218878
"... CA has issued fixes to address the vulnerabilities.
The first vulnerability, CVE-2009-3587, is due to improper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system.
The second vulnerability, CVE-2009-3588, is due to improper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.
... If the file version is earlier than indicated below, the installation is vulnerable.
File Name File Version
arclib.dll 8.1.4.0
> For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
> For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable..."

- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3587

- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3588

[AplusWebMaster]

FYI...

F-Secure PDF handling vuln - update available
- http://secunia.com/advisories/37192/2/
Release Date: 2009-10-29
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch...
Original Advisory: F-Secure:
http://www.f-secure.com/en_EMEA/supp...sc-2009-3.html
Last updated: 2009-10-29
Risk level: High
"... A fix for the problem has been distributed through the malware definition database update channel. This advisory only affects systems that, for some reason, are not updated automatically..."

[AplusWebMaster]

FYI...

Panda vuln - update available
- http://secunia.com/advisories/37373/2/
Release Date: 2009-11-13 ...
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software: Panda Antivirus Pro 2010 9.x, Panda Global Protection 2010 3.x, Panda Internet Security 2010 15.x ...
Original Advisory: Panda:
http://www.pandasecurity.com/homeuse...164&idIdioma=2

[AplusWebMaster]

FYI...

Kaspersky AV vuln - update available
- http://secunia.com/advisories/37398/2/
Release Date: 2009-11-18
Impact: DoS
Where: Local system
Solution Status: Vendor Patch
Software: Kaspersky Anti-Virus 2010
Solution: Update to version 9.0.0.736.
Original Advisory:
http://sysdream.com/article.php?stor...&section_id=78
"... Patch Updated: 2009/11/16..." (?)

- http://www.kaspersky.com/kav_latest_versions

- http://usa.kaspersky.com/support/hom...+vulnerability
October 21, 2009

[AplusWebMaster]

FYI...

ClamAV v0.95.3 released
- http://www.clamav.net/download/sources
Latest stable release: ClamAV 0.95.3...

- http://wiki.clamav.net/bin/view/Main/UpgradeNotes0953
If you have trouble compiling ClamAV please apply this patch (see bug #1737)
You can apply the patch ...
- http://wiki.clamav.net/pub/Main/Upgr...3-bug1737.diff

- http://wiki.clamav.net/Main/UninstallClamAV
... Make sure that you haven’t got old libraries (libclamav.so) lying around your filesystem. You can verify it using: $ ldd `which freshclam`
Also make sure there is really only one version of ClamAV installed on your system...

- http://www.clamwin.com/content/view/220/1/
11 November 2009

- http://www.securityfocus.com/bid/35410/info
Updated: Nov 18 2009 05:16PM

[AplusWebMaster]

FYI...

Avast false positives - fix released
- http://isc.sans.org/diary.html?storyid=7681
Last Updated: 2009-12-03 11:04:57 UTC - "We have received a number of reports of Avast Antivirus false positives... With a recent update the Avast antivirus product have started identifying legitimate products as containing Win32-Dell-MZG...
Update:
A new update was released fixing the issue. 091203-1. If you haven't used your computer between 12:00am UTC and 5.50 am UTC, then you will receive the new update and you should be fine. For those that were affected I recommend you keep an eye on the Avast blog http://forum.avast.com/index.php?topic=51647 as they are working on some how to's to help fix any issues."

[AplusWebMaster]

FYI...

Kaspersky - Insecure default directory permissions
- http://secunia.com/advisories/37730/2/
Release Date: 2009-12-17
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software:
Kaspersky Anti-Virus for Windows Server 6.x
Kaspersky Anti-Virus for Windows Workstations 6.x
Kaspersky Internet Security 9.x ...
Solution:
Kaspersky Internet Security 2010:
Update to version 9.0.0.736.
Kaspersky Anti-Virus 6.0 for Windows Workstations:
Update to version 6.0.4.1212.
Kaspersky Anti-Virus 6.0 for Windows File Servers:
Update to version 6.0.4.1212...

- http://www.kaspersky.com/kav_latest_versions

- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4114

- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-4452

[AplusWebMaster]

FYI...

Latest: http://www.av-comparatives.org/en/co.../dynamic-tests
Dec. 2010

- http://www.av-comparatives.org/compa...formance-tests
Performance Tests
___

- http://www.av-test.org/certifications.php
AV-Test 2010/Q3 - XP // Product Review and Certification Report