Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Memory Corruption Mach-O 2


17/10/2016

Memory Corruption Mach-O 2

Vulnerability

Quick Heal Internet Security Memory Corruption Vulnerability

Vulnerability Description

We found that the Quick Heal Internet Security is vulnerable to Memory Corruption while parsing malformed Mach-O file.

CVE ID

CVE-2017-8775

Vendor

http://www.quickheal.co.in/

Products

  • Quick Heal Internet Security 10.1.0.316 and prior
  • Quick Heal Total Security 10.1.0.316 and prior
  • Quick Heal AntiVirus Pro 10.1.0.316 and prior

Disclosure Timeline

  1. 25 June 2016 – Reported to vendor
  2. 5 August 2016 – Patch released

Credits

Ashfaq Ansari – Project Srishti – Payatu Technologies