> McAfee VirusScan Enterprise On-Access Scanner Unicode Filename Buffer
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Moderately critical
> DoS, System access
> From remote
> McAfee VirusScan Enterprise 8.x
> A vulnerability has been reported in McAfee VirusScan Enterprise,
> which can be exploited by malicious people to cause a DoS or to
> potentially compromise a vulnerable system.
> The vulnerability is caused due to an error within the On-Access
> scanner component when processing file names that contain multi-byte
> characters (e.g. Chinese). This can be exploited to stop the
> On-Access scan or to cause a heap-based buffer overflow via a file
> with a specially crafted, overly long filename.
> Successful exploitation may allow execution of arbitrary code but
> requires that East-Asia language files are installed, the default
> Unicode codepage is set to a language that contains multi-byte
> characters, and that the attacker is able to place the specially
> crafted file on the target system.
> The vulnerability reportedly affects versions 8.0i Patch 11 and
> Apply Patch 12 or later.
> PROVIDED AND/OR DISCOVERED BY:
> iDefense Labs
> ORIGINAL ADVISORY:
> iDefense Labs: