CVE-2007-2846

N/A Unknown

Published: May 24, 2007 Modified: April 23, 2026

Description

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=full-disclosure&m=118007660813710&w=2

Source: cve@mitre.org

http://osvdb.org/36522

Source: cve@mitre.org

http://www.avast.com/eng/adnm-management-client-revision-history.html

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/125868

Source: cve@mitre.org

US Government Resource

http://www.nruns.com/advisories/%5Bn.runs-SA-2007.009%5D%20-%20Avast%21%20Antivirus%20SIS%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/469585/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24155

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1935

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/34501

Source: cve@mitre.org

http://marc.info/?l=full-disclosure&m=118007660813710&w=2