BitDefenderAntivirus PDF Processing Memory Corruption Vulnerability
RISK: Medium Risk
It has discovered a vulnerability in BitDefender Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the "pdf.xmd" module when processing data encoded using e.g. the "FlateDecode" and "ASCIIHexDecode" filters. This can be exploited to cause a memory corruption via a specially crafted PDF file.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in BitDefender Free Edition 10 updated 2008-11-21. Other versions may also be affected.
Impact
- Remote Code Execution
System / Technologies affected
- BitDefender Antivirus Standard 10and prior
- BitDefender Free Edition 10and prior
Solutions
There is no official patch for this vulnerability now, please consider the following workaround.
Do not scan untrusted PDF files using BitDefender.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with