QuickHeal

CVE-2017-5005 for Quick Heal Antivirus

Advisory

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability.

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Vulnerability Description

We found that the Quick Heal Internet Security is vulnerable to Out of Bound Write on Stack Buffer due to improper validation of LC_UNIXTHREAD.cmdsize (Mach-O).

This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.

Proof of Concept

Vendor

http://www.quickheal.co.in/

Products

Quick Heal Internet Security 10.1.0.316 and prior
Quick Heal Total Security 10.1.0.316 and prior
Quick Heal AntiVirus Pro 10.1.0.316 and prior

Disclosure Timeline

09 June 2016 – Reported to vendor
11 June 2016 – Received acknowledgement from vendor & Patch released

Author

Ashfaq Ansari

ashfaq[at]payatu[dot]com

@HackSysTeam | Blog | null

http://www.payatu.com/

License

Please see the file LICENSE for copying permission

http://hacksys.vfreaks.com

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
CVE-2017-5005.mach		CVE-2017-5005.mach
LICENSE		LICENSE
Non-ASLR-Modules.csv		Non-ASLR-Modules.csv
Quick Heal Exploit Demo.avi		Quick Heal Exploit Demo.avi
Quick Heal Exploit Demo.png		Quick Heal Exploit Demo.png
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

QuickHeal

Advisory

Vulnerability Description

Proof of Concept

Vendor

Products

Disclosure Timeline

Author

License

About

Releases

Packages

License

payatu/QuickHeal

Folders and files

Latest commit

History

Repository files navigation

QuickHeal

Advisory

Vulnerability Description

Proof of Concept

Vendor

Products

Disclosure Timeline

Author

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Packages