Vigil@nce: F-Secure AV, code execution via DLL Preload
December 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can use a malicious DLL in order to execute code in
F-Secure Anti-Virus.
– Severity: 2/4
– Creation date: 15/12/2010
DESCRIPTION OF THE VULNERABILITY
The F-Secure Anti-Virus application loads a DLL library when it
starts.
However, the library is loaded insecurely. An attacker can thus
use the VIGILANCE-VUL-9879 (https://vigilance.fr/tree/1/9879)
vulnerability to execute code.
An attacker can therefore invite the victim to open a file with
F-Secure Anti-Virus from a network share containing a malicious
DLL, in order to execute code in the context of F-Secure
Anti-Virus.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/F-Secure-AV-code-execution-via-DLL-Preload-10219