SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Security)  >  avast! Vendors:  ALWIL Software
avast! antivirus May Fail to Detect Certain Viruses
SecurityTracker Alert ID:  1013991
SecurityTracker URL:  http://securitytracker.com/id?1013991
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 18 2005
Impact:  Host/resource access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 4.6.623 and prior
Description:  Juha-Matti Laurio reported a vulnerability in avast! antivirus. Certain types of viruses may not be detected.

The antivirus software may not properly detect certain virus types. The specific virus types were not identified.

Windows NT 4.0 systems are affected.

The vendor disclosed this vulnerability. Juha-Matti Laurio advised us of this vulnerability.
Impact:  A virus may bypass the anti-virus detection.
Solution:  The vendor has issued a fixed version (4.6.652), available via the application's user
interface or at:

http://www.avast.com/eng/updates.html
Vendor URL:  www.avast.com/ (Links to External Site)
Cause:  Input validation error, State error
Underlying OS:  Windows (NT)
Reported By:  Juha-Matti Laurio <juha-matti.laurio@netti.fi>
Message History:   None.

 Source Message Contents
Date:  Wed, 18 May 2005 01:26:46 +0300 (EEST)
From:  Juha-Matti Laurio <juha-matti.laurio@netti.fi>
Subject:  avast! 4 antivirus Unspecified Scan Evation Vulnerability

 
 
A new local type vulnerability was reported in avast! antivirus version 
4.6.623 and prior.
 
Description:
A bug causing lack of detection of certain virus types under Windows NT 
4.0 operating system platform was fixed in avast! version 4.x anti-virus 
client.
This issue is due to a failure of the application to properly handle 
certain virus types files.
Detailed information of virus typed handled in this issue is not available.
 
Solution status:
Vendor patch
 
Software:
ALWIL Software avast! 4 Professional Edition
ALWIL Software avast! 4 Home Edition
 
The vulnerability has been reported in version 4.6.623 of Professional 
and Home Edition. Other versions may also be affected as well.
 
Vendor:
ALWIL Software
http://www.avast.com/
 
Vendor homepage:
http://www.avast.com/
 
Pruduct homepage:
avast! 4 Professional Edition
http://www.avast.com/eng/avast_4_professional.html
and
avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
 
Solution:
The vendor has issued a fixed version 4.6.652 available for download at 
http://www.avast.com/eng/updates.html or via internal application's user 
interface.
 
References:
avast! 4.x Revision History:
http://www.avast.com/eng/av4_revision_history.html
 
avast! antivirus updates:
http://www.avast.com/eng/updates.html
 
Reported by:
This information was provided by the vendor.
 
 
Best regards,
Juha-Matti Laurio
<juha-matti.laurio [at] netti.fi>
Finland


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2005, SecurityGlobal.net LLC