VULHUB ™

A buffer overflow vulnerability exists in the ARJ handling code in the Anti-Virus library included in various F-Secure products. The vulnerability is due to insufficient bounds check of ARJ header fields which will be copied into a finite buffer on the heap. This vulnerability could be exploited by a malicious ARJ archive to execute arbitrary code in the context of the affected applications.

A buffer overflow vulnerability exists in the ARJ handling code in the Anti-Virus library included in various F-Secure products. The vulnerability is due to insufficient bounds check of ARJ header fields which will be copied into a finite buffer on the heap. This vulnerability could be exploited by a malicious ARJ archive to execute arbitrary code in the context of the affected applications.