OOB Write Heap Buffer dwCompressionSize MS-WIM

Vulnerability

Quick Heal Internet Security Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Vulnerability Description

We found that the Quick Heal Internet Security is vulnerable to Out of Bound Write on Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED.

This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.

CVE ID

CVE-2017-8773

Vendor

http://www.quickheal.co.in/

Products

  • Quick Heal Internet Security 10.1.0.316 and prior
  • Quick Heal Total Security 10.1.0.316 and prior
  • Quick Heal AntiVirus Pro 10.1.0.316 and prior

Disclosure Timeline

  1. 13 July 2016 – Reported to vendor
  2. 15 July 2016 – Received acknowledgement from vendor
  3. 20 July 2016 – Patch released

Credits

Ashfaq Ansari – Project Srishti – Payatu Technologies

 

Leave a Reply

Your email address will not be published. Required fields are marked *

eight − four =