| VID |
28190 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Windows host has a version of PowerArchiver program that is vulnerable to a buffer overflow vulnerability. PowerArchiver is a file compression utility for Microsoft Windows platforms. PowerArchiver versions prior to 9.64.03 could execute arbitrary code on the system, caused due to stack-based buffer overflow vulnerabilities in the "LoadTree()" and "ReadHeader()" functions (PAISO.DLL) when processing specially crafted ISO images. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the affected host by tricking a user into opening a malicious ISO file.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://vuln.sg/powarc964-en.html
http://archives.neohapsis.com/archives/bugtraq/2007-01/0101.html
http://www.frsirt.com/english/advisories/2007/0041
* Platforms Affected:
PowerArchiver versions prior to 9.64.03
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of PowerArchiver (9.64.03 or later), available from the PowerArchiver Download Web site at http://www.powerarchiver.com/download/ |
| Related URL |
CVE-2007-0097 (CVE) |
| Related URL |
21867 (SecurityFocus) |
| Related URL |
31263 (ISS) |
|
